* Posts by Destroy All Monsters

16005 publicly visible posts • joined 3 Jun 2008

'I told him to cut it out' – Obama is convinced Putin's hackers swung the election for Trump

Destroy All Monsters Silver badge
Holmes

A rather shrill explanation that makes sense

Question: WHAT THE FCUCK IS GOING ON IN THAT US FUNHOUSE!

Answer: Neocon Panic and Agony (warning: written by "The Saker")

It is pretty obvious that the Neocon reign is coming to an end in a climax of incompetence, hysterical finger-pointing, futile attempts at preventing the inevitable and a desperate scramble to conceal the magnitude of the abject failure which Neocon-inspired policies have resulted in. Obama will go down in history as the worst and most incompetent President in US history. As for Hillary, she will be remembered as both the worst US Secretary of State the US and the most inept Presidential candidate ever.

In light of the fact that the Neocons always failed at everything they attempted, I am inclined to believe that they will probably also fail at preventing Donald Trump from being sworn in. But until January 20th, 2017 I will be holding my breath in fear of what else these truly demented people could come up with.

Destroy All Monsters Silver badge
Trollface

Most hilarious write to file under "You can't explain this Barry guy on his way out with a Nobel Peace Prize around his neck"

Obama: Election Hacks Stopped in September After I Told Putin to ‘Cut It Out’

Obama once again provided no evidence of Russia’s involvement in the hacks, starting once again with the assumption that Russia did what he conceded was a “not particularly sophisticated” hacking attack, and then drew the conclusion that because Putin has a lot of pull in Russia, he must’ve been directly involved.

The most curious aspect of Obama’s narrative, however, is that he claims the hacking attacks stopped entirely in early September after a single direct warning to Putin. Obama claimed to have spoken directly to Putin in early September, when both were in China, and told him to “cut it out.”

Obama insisted after this single warning “we did not see further tampering of the election process” by anyone afterwards. This doesn’t at all fit into the previously provided storyline, which claimed repeated and serious efforts to hack the election.

It also doesn’t make a lot of sense that the US kept making public threats to Russia through the week of the election itself. Obama’s comments would suggest the administration kept hyping the matter and making additional public threats for no reason, despite having obviously handled the matter months ago.

If the hacking stopped way back in September, it also doesn’t make sense that officials continue to hype the hacks as an ongoing thing, nor does it make sense that the story has gained so much more attention in the past week, despite being long over.

Destroy All Monsters Silver badge
Big Brother

COINTELPRO campaign rebooted

.Still waiting for anything of substance as for now there is only heavy breahting, innuendo and outlandish claims by brain-challenged churnalists

Especially as we know that three-letter agencies have had form during the last 4 presidencies of subverting, disrupting, arresting, inciting and spying on completely harmless citizen under the guise of "counterterrorism".with extreme claims of clear and present danger being served cold. Claims that then collapsed and were never heard of again.

Destroy All Monsters Silver badge
Holmes

Re: DNC - Remove the mote from your own eye

Claim that the Democrats Sordid Core Dump has nothing to do with Russia by Robert Parry:

Making Russia ‘The Enemy’

And, even though The New York Times and other big news outlets are reporting as flat fact that Russia hacked the Democratic email accounts and gave the information to WikiLeaks, former British Ambassador Craig Murray, a close associate of WikiLeaks founder Julian Assange, told the London Daily Mail that he personally received the email data from a “disgusted” Democrat.

Murray said he flew from London to Washington for a clandestine handoff from one of the email sources in September, receiving the package in a wooded area near American University.

“Neither of [the leaks, from the Democratic National Committee or Clinton campaign chairman John Podesta] came from the Russians,” Murray said, adding: “the source had legal access to the information. The documents came from inside leaks, not hacks.”

Murray said the insider felt “disgust at the corruption of the Clinton Foundation and the tilting of the primary election playing field against Bernie Sanders.” Murray added that his meeting was with an intermediary for the Democratic leaker, not the leaker directly.

If Murray’s story is true, it raises several alternative scenarios: that the U.S. intelligence community’s claims about a Russian hack are false; that Russians hacked the Democrats’ emails for their own intelligence gathering without giving the material to WikiLeaks; or that Murray was deceived about the identity of the original leaker.

Oracle finally targets Java non-payers – six years after plucking Sun

Destroy All Monsters Silver badge

Re: 'Open Source'

Uhh... yeah? OpenJDK availability for Windows OS.

Is OpenJDK open or not?

Destroy All Monsters Silver badge
Facepalm

Re: Anything that reduces use of Java, no matter how little

Sophomoric "your language a shit" fighting in my comment section?

It's more likely than you think!

Destroy All Monsters Silver badge

Re: Does Java belong to Oracle?

No public domain (that would be silly) but GPL2. Pretty much 10 years ago.

See also: Free and Open Source Java

The JDK+libraries affected are apparently those of Java 7. (See Java Version History and OpenJDK)

However, since the Sun collapse, Java (the language) has evolved and the Sun/Oracle implementation of the JVM and the accompanying libraries has evolved and seen proprietary patching, and Oracle has added some thickening sauce to poison the system and soften it up for a licensing move.

OTOH, a large part of the Java momentum is in the "ecosystem": libraries, docs, IDEs, Java EE3+, ORM framework (much as I hate these) and developer brains. The Oracle JVM is in the end not really that important.

Now, I'm sure there is the patents angle, and the angle of of "the language itself".

OTOH, nowadays Java the language falls under "heavy & verbose", so maybe dropping it for something else while retaining the JVM would not be a bad move.

Destroy All Monsters Silver badge

> which of the myriad of Java software the client wants me to install

LOL what? Use the latest JDK of course.

Destroy All Monsters Silver badge
Alien

Re: Anything that reduces use of Java, no matter how little

Here in our little IT shop, we decided to simply remove Java from our machines, eliminating one of the world's most popular hack targets.

"In order to be able to speak of not wanting to be a hack target, it is necessary to first know whereof you speak."

Destroy All Monsters Silver badge

Re: VirtualBox Extensions Pack next?

Maybe the days of Golang are coming.

Destroy All Monsters Silver badge
Trollface

Re: Java is dead

Schools will keep java alive. I would love to purge my sisters computer of flash and Java and install no script but that would break the website my nieces use.

People who can't distinguish between Java, Java Applets and JavaScript are like imperial stormtroopers.

You fire blasters at 10 of them then 20 more come running through the next comment gate.

Destroy All Monsters Silver badge

But Larry isn't even nominally in charge of Oracle anymore?

Since September 2014 actually.

He's just Grand Moff now.

Destroy All Monsters Silver badge

Re: Paul Crawford

> Java? Never heard of it. I've heard of JavaScript, rather ECMAscript. Java? Do not want.

Normal. You are a sysadmin.

Stay in your Corner!

If at first you don't succeed, send another Mars lander – this time a deep driller

Destroy All Monsters Silver badge

Re: Better put a couple of metres on that drill bit

To give the equivalent of the radiation protection we get at sea level on Earth needs about 4m of Mars soil.

Is that with or without magnetosphere?

"We have lost 50% of our planetary forward deflector shields"

"I told them to keep the iron core heated!"

Ransomware scum face unified white hat army

Destroy All Monsters Silver badge
Holmes

Re: If you want to track them follow the money

Thank you for this message from the grumbling bowels of state control.

I hear bitcoin mining is big in Venezuela so as to be able to evade the socialist paradise's management of foreign currency exchanges and get some money out of the wreckage. Progressives, "tax evasion" spotters with the "we are all in this together" concentration camp mentality as well as statists may bemoan this. I call it freedom and we need more of this. If this means money launderers can launder and central banksters get sweaty, well, so be it.

Rogue One: This is the Star Wars back story you've been looking for

Destroy All Monsters Silver badge

Re: It was excellent

Someone updated the Wikipedia entry, I see

Destroy All Monsters Silver badge
Windows

Re: It was excellent

This.

I couldn't get back into it as much as in the 70s/80s evidently but it was still awesome in a retro way.

Reanimating Peter Cushing ... that was great!

Two notes:

1) This movie shows that the Empire is run by management types through and through. They like to infight, look out for themselves only, are persistently nasty and think they can run the infrastructure without the engineers who built it or even the plans to the machinery for that matter.

2) Sadly, at one point the movie got the feel of an adventure game (push that button, insert this thing here, now get to that unreachable control point some feet away). Plus, characters far too often plunge into action blindly where no chance of success can possibly exist. Nobody does that in real life, this makes things look cartoonish. (Like landing on Naboo then finding a magical ship in an underwater city in a pond that brings one tho the other side on the planet through the planet core... yeah, a likely development)

Destroy All Monsters Silver badge

Re: Robes?

Hakamas should be good enough for anybody.

Destroy All Monsters Silver badge

Re: "the original Star Wars movie"

Without the music the film would have totally failed.

IT'S NOT AN ARTHOUSE MOVIE!!

Destroy All Monsters Silver badge

Re: Looking forward to seeing that now

This is the film for me. I like my moral messages to be down to earth: 'Never go anywhere near a war zone, for any reason'.

I think in Apocalypse Now, the message also was "War can be pretty exhilarating at times, just don't be a civvie" or maybe even "You could have won this if you had sold your soul to War God". The play was written by John Milius who was not exactly anti-war even though he took Conrad's "Heart of Darkness", exposing colonialism as source to evidently expose muscular (and morally corrupt) interventionism.

Jimbo's summoned data shoggoth says:

Milius had no desire to direct the film himself and felt that Lucas was the right person for the job. Lucas worked with Milius for four years developing the film, alongside his work on other films, including his script for Star Wars. He approached Apocalypse Now as a black comedy

Dodged a bullet here.

Destroy All Monsters Silver badge
Windows

Re: Don't tell me Star Wars is suddenly great again?

These were good times! Computers were manageable, Batman was in the movie theaters, playboy gals were beautiful and the summer was hot & long.

Jimmy Carter was underappreciated. Then he got rogered by an October Surprise of military incompetence.

Will Wikipedia honour Jimbo's promise to STOP chugging?

Destroy All Monsters Silver badge

Re: Endless begging emails

F.U. Joerg and I hope you choke painfully on a ham sandwich.

Destroy All Monsters Silver badge

Re: Simple

Sad truth.

Destroy All Monsters Silver badge
Mushroom

SQUEEEE!

Seriously, there STILL isn't any mentally sane way to enter reference information on Jimbo's Forever Train Ride. Hasn't been for 15 years or so.

On a site that insists on "citations" and "references" one would think they would get an ulcer, I mean an intern to work on it a bit for a few dollars. NOPE! NADA! NOTHING HAPPENS!

It's just an embarassement and reaching the "retarded bad" levels of the Firefox print menu or the file picker for that matter.

DDoS in 2017: Strap yourself in for a bumpy ride

Destroy All Monsters Silver badge
Pint

Obligatory

I we had regime-change in Russia, all of this could be avoided.

US voting machine certification agency probes potential hack

Destroy All Monsters Silver badge

Not yet!

Destroy All Monsters Silver badge
Big Brother

Re: Not state sponsered but

How we can we even know this is not fake news, or even a CIA operation to seed doubt and uncertainty? (The CIA is pretty good in these, running them on the national level? Yes we can!)

During the Bush years, I remember unsecure voting machines being fielded and not much peep was raised (someone raised a peep, but he later commited suicide just across the border in Mexico after telling his family he would be home soon. The FBI then forgot to take photos of the scene, or so I rememebr...)

NASA – get this – just launched 8 satellites from a rocket dropped from a plane at 40,000ft

Destroy All Monsters Silver badge

Re: Only perfect storms ?

There are quite a few nuclear-powered basements in the oceans.

Some are even loaded with planet fuckers. Now that's home defense!

Destroy All Monsters Silver badge

Re: Not quite that remarkable

> As impressive as the shuttle was, it was functionally unfit for purpose in almost every single way.

That's because it was mainly a political device (as well as meant for "cutting edge" civilian spaceflight as well as "fast turnaround" military spaceflight). A receipe for disaster.

Destroy All Monsters Silver badge
Windows

Re: hmmmm

First launch 1990. They don't fly too many missions for some reason.

I remember some comic from the early 90s where a neo-soviet satellite is blinded by a Pegasus-launched ASAT so that US B1s can enter Neo-Soviet Airspace unseen to drop bomb props on a city because POTUS wants a show of force because the Neo-Soviets are hacking the US, left, right, front and center. Unfortunately someone has replaced the props by actual VX-carrying ordinance to get some heat under the politicians' behinds. This leads to a red-phone call with the Neo-Soviet leader (who is likely an AI in any case). Can't even remember the name of the story...

Destroy All Monsters Silver badge

Re: well it makes a change...

Droll!

UK Home Office slurps 1,500 schoolkids' records per month

Destroy All Monsters Silver badge
Big Brother

Omnipotent Government

This is all pretty scary.

Ludwig von Mises had had something to say about that back in the 40s.

Kids, look at the Deep Learnings! (We’re just going to slurp your data)

Destroy All Monsters Silver badge
Windows

Re: Listen, and understand !

I know for a fuckt that you never get totally sick of sick stuff.

Destroy All Monsters Silver badge

Nixon?

Destroy All Monsters Silver badge

Re: Listen, and understand !

No, Google's infrastructure runs Evernote.

Not the same as "controls".

Destroy All Monsters Silver badge

Marv was pretty cool. One of the old-school "AI scruffies".

I don't know how to read him being mentioned in this piece though.

Destroy All Monsters Silver badge

Re: Listen, and understand !

This sounds more like "The Color out of Space".

Do not ask me for my opinion. I do not know—that is all. There was no one but Ammi to question; for Arkham people will not talk about the strange days, and all three professors who saw the aërolite and its coloured globule are dead. There were other globules—depend upon that. One must have fed itself and escaped, and probably there was another which was too late. No doubt it is still down the well—I know there was something wrong with the sunlight I saw above that miasmal brink. The rustics say the blight creeps an inch a year, so perhaps there is a kind of growth or nourishment even now. But whatever daemon hatchling is there, it must be tethered to something or else it would quickly spread. Is it fastened to the roots of those trees that claw the air? One of the current Arkham tales is about fat oaks that shine and move as they ought not to do at night.

Destroy All Monsters Silver badge

Is it as far out as Dhalgren?

Uber to Cali DMV: Back off, pal, our 'self-driving cars' aren't self driving

Destroy All Monsters Silver badge
Paris Hilton

Ermmm... lawyers? insurance? Hello?

I foresee a swarm of lawyers and a dearth of insurers on this genius non-self-driving-self-driving car thing. This gonna be gud!

Destroy All Monsters Silver badge

> In France, Belgium, or Barcelona, you can totally bet on it.

Those are not self-driving. They are stolen, and a midget is driving them to the next ferry to Marrakech.

Poor software design led to second £1m Army spy drone crash

Destroy All Monsters Silver badge

Tomorrow in the Mail:

PUTIN commandeers ZOMBIE AIRPLANES!

What do microservices do to data stores? Netflix is built on them and had no idea!

Destroy All Monsters Silver badge
FAIL

Re: Stop the madness

Running multiple copies of same service (software function) increases reliability and resilience.

This is about resilience, yes. But it does not have much to do with microsoervices.

Microservices are nice if you are implementing neurons or other silo-able stuff that is still able to function well when it has to throw data over the network. Anything with a adatabase generally won't fit.

The concept of Micro Service is nothing new, remember CORBA from the 80/90's? where the designers did envision many small software components communicating with each other over a shared bus.

No - that was about superceding the "socket" data exchange approach by offering remote procedure calls into objects somewhere on the (rather local) network (as in "Object Request"). RPC is still a bad idea in 2016 btw. Use message exchange instead of pretending a remote service is local.

Learn your way round the Internet of Things in a day? Course you can...

Destroy All Monsters Silver badge

Mite be cool

Before coming to the workshop, please, install Oracle VM VirtualBox and Vagrant. Also, please download and install the virtual machine which will be used for the course (about 5GB), using the following commands from an empty folder (if you do not have wget on your machine, you can download the json file using your browser):

Level sounds good.

Destroy All Monsters Silver badge

Re: The Register

"Purrr......"

Is that a vulture I hear?

BlackEnergy power plant hackers target Ukrainian banks

Destroy All Monsters Silver badge
Facepalm

Re: Ukraine has something even more to fear

> pro-democracy, anti-corruption groups in Ukraine

The whole country is just a pie for oligarchs, mobsters, extreme nationalists and possibly the "National Endowment for Democracy", what are you on about? I you expect DEMOCRACY! to spring up like that, especially after ultra-right-wingers were glorified in the "western free press" (complete with explained-away iconography) and are in control of security services, I have got a bridge to sell you.

They just got visa free travel for Europe as a show of solidarity, that's gotta count for something right?

> anti-Ukraine, pro-Russia team

What are you smoking during the day, then? How about "not interested in stirring up trouble in the ex-Soviet zone for the beautiful eyes of neocons".

"The West" (more like, the Blob) better normalize relationships, and then work from there. The unreal Freedom Fantasms of the up-militarized-by-NATO European supine and "self-interest-free" decision makers is especially disheartening.

Security! experts! slam! Yahoo! management! for! using! old! crypto!

Destroy All Monsters Silver badge
Windows

Here is the full quote by Eugene Spafford:

This quote is about security of computer systems. It appeared in "Computer Recreations: Of Worms, Viruses and Core War" by A. K. Dewdney in Scientific American, March 1989, pp 110. It was later misquoted in the book @Large: The Strange Case of the World's Biggest Internet Invasion by David H. Freedman and Charles C. Mann. (The misquoted version refers to titanium and nerve gas -- I never said anything like that.) The original quote is: " The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards - and even then I have my doubts. "

Of course, the usefulness of such a system is marginal at best.

Destroy All Monsters Silver badge
Windows

Re: Not as smart as we think

This is not the problem.

Crypto comes prepackaged nowadays (i.e. in libraries) so you are not supposed to roll your own or code up an algorihm described in a paper xeroxed from "Proceedings of...". You certainly need to understand the context in which this or that crypto algorithm shall be applied, and you may want to know what happens under the hood, and there is an excellent book on the subject: Applied Cryptography Arguably the book to which Schneier owes his Guru Status,written in 1996. (20th Anniversary Hardcover USD 70.00 WTF!)

However, the crypto sauce lives and is executed inside a technological/social/economic context. Bad thinking, bad implementations, bad politics, bad policy, bad economic pressures, bad languages, bad code, bad timing, bad luck, bad OSs, bad laws, bad deployment, bad developers and bad bosses will cause the deployed system to be insecure, even if the crypto is top notch.

Indeed, there is a book on the subject: Secrets and Lies, also by Schneier (written in 2000? so long ago already?), in which he tells people that crypto is not a silver bullet at all, contrary to what he believed when he wrote Applied Cryptography. The introduction is still as important and readable as it was back then.

Destroy All Monsters Silver badge
Thumb Up

Ah! Good idea. Evident in retrospect...

Destroy All Monsters Silver badge
Headmaster

"The MD5 hashing algorithm has been considered not just insecure, but broken, for two decades," says Ty Miller, director of Sydney-based security firm Threat Intelligence, noting that MD5 collision vulnerabilities were found in 1996 with practical attacks developed in 2005.

Which is COMPLETELY irrelevant when talking about salted and hashed passwords.

Some director of a security outfit (ok, he's just the director, tech knowledge may not be his strong point).

The only problem with MD5 here is that it can be computed too efficiently (and then you get a made-up Yahoo account)

How to securely hash passwords?

However, collisions are not an issue for password hashing. Password hashing requires the hash function to be resistant to preimages, not to collisions. Collisions are about finding pairs of messages which give the same output without restriction, whereas in password hashing the attacker must find a message which yields a given output that the attacker does not get to choose. This is quite different. As far as we known, MD5 is still (almost) as strong as it has ever been with regards to preimages (there is a theoretical attack which is still very far in the ludicrously impossible to run in practice).

Yahoo! says! hackers! stole! ONE! BEELLION! user! accounts!

Destroy All Monsters Silver badge
Paris Hilton

Is this some kind of fishing ground?

This I don't understand. Maybe it's late?

Passwords were hashed using the easy-to-subvert MD5 hash. Reg tech staff, on learning of the breach, say they started using more secure ciphers years before this breach.

Why is Reg tech staff tasked with implementing Yahoo ciphers??

And yes, 10⁹ user accounts sounds more like 10⁹ IoNT (Internet of Needful Things) accounts.