* Posts by Crazy Operations Guy

2222 posts • joined 29 Jun 2009

FBI boss: We went to the Moon, so why can't we have crypto backdoors? – and more this week

Crazy Operations Guy

Re: if we can put a man on the moon, we can...

Actually, we can fix world hunger. Humanity currently produces about 30 trillion calories of food per day, enough for every human to have 3500-4000. We also have the technology and manufacturing capacity to solve the distribution problems. The only problem is getting the funding to do so (current estimates peg it at about 100-150 billion USD per year to cover >95% of the human population).

10
0

It's 2018 so, of course, climate.news is sold to climate change deniers

Crazy Operations Guy

Re: Nothing worthwhile in the post-2012 gTLDs anyway

I've been thinking about updating it to do stuff like what you recommend; right now its just a simple shell script that I wrote back in later 2012 and isn't much more than a 'curl', a dozen 'sed' lines, and the 'kill -HUP' to restart bind.

5
0
Crazy Operations Guy

Nothing worthwhile in the post-2012 gTLDs anyway

I've been running my own pseudo-root DNS server just so I can block so much of this bullshit. It grabs the root.zone file off the internic ftp site once a week, then goes into the downloaded file, and rips out every TLD longer than 3 characters, most of the 3-letter ones, and a selection of the two-letter ones. Absolutely no regrets.

I even block my employer's gTLD since it does nothing but redirect to the appropriate sub-domain of the .com page (really, all it is is a bunch of CNAME records for each of the subdomains with an @ CNAME to point to www.company.com).

9
1

Scam alert: No, hackers don't have webcam vids of you enjoying p0rno. Don't give them any $$s

Crazy Operations Guy

Too bad I haven't gotten one

I'm one of those weirdos with a password manager and no passwords are re-used, so if I see a password, I can tell you exactly where it was gathered from...

16
0

California lawmakers: We swear on our avocados we'll pass 'strongest net neutrality protections' in America

Crazy Operations Guy

When will they just make the internet a public utility already?

I've been wondering what it would take for states to finally just sell internet services as a public utility already. The local government here seem to not be terrible at providing fresh water, sewer, electrical service, trash services, and their municipal internet services for the local libraries / schools / hospitals / public buildings. At the very least, I don't think they could possibly any worse than Comcast and CenturyLink (The only two providers we have here).

10
0

OpenBSD disables Intel’s hyper-threading over CPU data leak fears

Crazy Operations Guy

Thermal considerations?

I've always wondered if the cooling effects of a core not being used all the time would give you enough room in the thermal budget to increase the number of cores overall.

I figure that if a core's usage with hyper-threading is less than half of its usage when it is turned on, that could free up enough electrical energy and thermal capacity to add in another entire core. The break-even might even be higher than that because you'd be dissipating the same amount of heat over a larger surface area.

It'd add to the complexity of the chip, but if you can squeeze out more performance, it could be worth it.

1
0
Crazy Operations Guy

Such an analysis would be useless

The effects of hyperthreading vary quite a bit based on the workload you are feeding it. The simplest method would probably be to profile a day's worth of work, disable HT, the repeat the exact same workload to see if there is a performance difference.

The easiest way might be to build two systems exactly the same (Same hardware, OS, software, etc. but one has HT turned on and the other doesn't), then run some sort of mirroring device so that both machines get the exact same data and do the exact same work.

I've seen MySQL databases do everything from falling to pieces to flying like a speed demon with Hyperthreading in different states. I've seen it vary that much with the same data, but slightly different queries used to process the data. One of our web applications went from an application-based spin-lock structure to using MySQL's atomic operations, in this case disabling HT actually increased performance about 10-15% despite having half as many threads available.

3
0

Until last week, you could pwn KDE Linux desktop with a USB stick

Crazy Operations Guy

Re: That's a problem with KDE

From my experience, the KDE team is primarily one-off developers that aren't dedicated to the project itself, but are avid users of KDE, so they'll scribble up a code patch, submit it, and it ends up in the tree. Since their code works well enough, the core developers end up ignoring the edge-case bugs and instead focus on the highly-visible bugs or working on features.

Not saying that it is only the KDE project that suffers from this, its becoming quite prevalent across pretty much all software projects, both Open and closed.

13
0
Crazy Operations Guy

I imagine that it is searching a text file to see if it has seen that volume before so it can use user settings versus defaults. Probably so users can set permission-bit-masks, mount options, etc

They author probably just took a script they already had, expecting that someone would replace it alter, but since it functioned correctly, no one bothered to look at the code to see what it was actually doing. Fairly common problem in under-resourced software projects: Someone sets up a script or something as a placeholder for the real code they intend to write; deadline approaches, so code is forced to be shipped without replacing the script; developer ends up working on bugs and other issues and either forgets about the script or just remains busy with fixing broken items versus correcting working code.

2
0
Crazy Operations Guy

Its not running scripts, just a basic injection attack. The script to auto-mount is taking the volume label concatenating it into a string, then running that string as a command in a shell. I presume its searching against a flat-file that maps the volume label to other parameters like mount point, permissions, etc. that get fed into the mount command.

Since it is running arbitrary code, you -could- tell it to run a script, but it doesn't have to be.

11
0

Linux laptop-flinger says bye-bye to buggy Intel Management Engine

Crazy Operations Guy

Re: Alternative?

ARM is probably going to be your best bet for a system without a crap management sub-system running on it.

9
0

Crazy bug of the week: Gnome Files' .MSI parser runs evil VBScripts

Crazy Operations Guy

@Orv Re: Over complicating things

If it was following the Unix philosophy they would have just updated /etc/magic with those file types and used 'file' to determine what icon to display. There is no need to re-invent the wheel, especially with this massive pile of shit.

0
0

Linux Mint-using terror nerd awaits sentence for training Islamic State

Crazy Operations Guy

Voice Modulator

I would have grabbed a copy of Adobe's Voco and did all the audio in Trump's voice or some equally pompous moron that is blundering at full speed into helping Daesh...

2
0

Apple fanbois are officially sheeple. Yes, you heard. Deal with it

Crazy Operations Guy

Re: writing utter b*ll*cks on tabloid websites.

"never "censored" yourself with useless fucking ***s"

I am ashamed to admit that I spent longer than what is reasonable trying to decode what you were trying to say, but couldn't figure out what obscenity was 4-letters long and ended with an 's'...

3
0
Crazy Operations Guy

Re: (delete as appropriate)

A week? I'd say they were tedious the second they were uttered.

I must admit, those words do have their uses, the foremost as an indicator that the writer has nothing useful to add to the conversation and can be safely ignored, a shit-boleth, if you will.

5
1

Linux kernel security gurus Grsecurity oust freeloaders from castle

Crazy Operations Guy

Re: Grsecurity makes money out of Open Source

"You also are free to charge whatever you like for the software, but are unlikely to attract many buyers."

Red Hat seems to be doing alright...

2
0
Crazy Operations Guy

Well good riddance

Their patches kinda sucked and were over-burdened with crap licenses, their code will not be missed.

2
13

Chipotle may have banished E coli, but now it has a new infection

Crazy Operations Guy

Re: Chipotle hit by bank-card-stealing malware

Doesn't matter, any system can be infected. I've done a proof of concept malware for client with PoS systems that was just a bash script that would run tcpdump, filter for credit card numbers with grep, use a bit of sed to combine the information into a semi-structure format, then XOR'ed the data with a pre-shared key (Actually a DNS query to my domain then used the result as the key) then would query my DNS server for a host named <Encoded_CC_Data>.<subdomain>.<my_domain>.com.

The infection method was to just hi-jack the PoS terminals boot process. When the terminal boots up, it sends out a DHCP/BOOTP request, the server would then pass an IP address to client for a TFTP server to receive its configuration. All I had to do was to plug a small system into the network that would emulate a PoS terminal so that I'd get a copy of what the PoS terminals would. Next step was to modify the payload with my script added into it. Once that was prepared, the device would DoS the real DHCP server (Exhaust its addresses) then give out its own address for the TFTP server and give the poisoned package to those systems.

I was able to also a quick nmap and found that the boot server I was attacking was responsible for the entire region and that each store was connected to it by way of an L2TP VPN. With a slight modification of my attack, I was able to infect about 30 stores and about 120 PoS terminals.

The whole thing just used utilities that came pre-installed with the OS, so would avoid any and all anti-malware scans. The only signs of my attack were that the PoS terminals had an extra line in their crontab (the entire script could be condensed to a single line), the DHCP server seeing a little less traffic, and some odd DNS queries coming out of each store's network (Although my domain would, at first glance, look just like a legitimate domain). Hell, I didn't even attack the cash registers themselves, nor any other server, just exploited some weaknesses in the network.

3
0

FCC's Pai: I am going to kill net neutrality in US

Crazy Operations Guy

Re: Yet another example

A better change would be to smash the parties so that no single party could gain a majority without cooperating with others. The current problem is that the government has devolved into "Us versus Them" where if you do not agree 100% with whoever is currently in charge of "Us", then you must be one of "Them" and should be crushed. Of course then, because you do not agree 100% with the leader of 'Them' then you are essentially without support, and without support from the parties, there is very, very little chance of getting elected.

12
2
Crazy Operations Guy

Re: I'm really glad I don't have to put up with this

I also find it funny how that the ISPs still made record profits while under these 'burdensome' regulations. Funny how many new business were able to thrive during this, how the average internet connection got faster, how even massive internet-based companies grew dramatically, all under those regulations...

I find it quite irksome that the same people that keep complaining that government regulations are hurting their business are the same people who own the largest buildings in the world, or that their net worth keeps increasing, or that their profits are also increasing.

36
0
Crazy Operations Guy

There are far too many politicians that believe that the "Rapture" is going to happen in their life times, so there is no point in saving things if all the "good people" are sent up to heaven while the 'heathens' are forced to fight each other for resources, so why leave some behind for them?

It isn't just crazy fringe politicians either, Ronald Reagan believed in it, as well as many other presidents and high-level senators since the 1950's. Reagan actually believed that he could start the rapture by initiating a full-scale nuclear war with the USSR. The same brain damage that causes people to believe in that non-sense is also the same type of brain damage that causes them to think that they are qualified to hold power.

14
5

UK.gov throws hissy fit after Twitter chokes off snoop firm's access

Crazy Operations Guy

Has spying actually made anyone any safer?

I have yet to hear a single attack stopped by intelligence gathered by the intelligence agencies. If they did stop one, wouldn't they be announcing it from the roof-tops? Wouldn't it be the only thing they ever say? But, no, all we hear is "We need more data!" and "Anyone that doesn't give us more data must be a communist / terrorist"

All the recent terror attacks have been lone-wolf affairs by people that haven't really been given any more orders from Daesh than "We hate this list of countries and would love it if someone were to attack it". The various terrorist groups have moved to a completely de-centralized command structure where the people in control are just putting out instruction guides on how to carry out attacks and a guides on selecting targets based on the goals of those in command (Which is 'make the West scared of everyone').

Really, the better option would be to set up community programs where people safe turning in their relatives that they are worried might commit an act of terrorism, or at least not torturing people even slightly related to a terrorist into some inhuman secret prison where they'll never be heard from again. But then something like would require politicians acknowledging that war is not as simple as good guys vs bad guys but rather intensely complex with many, many different sides. Doing so would lose them votes because nothing invigorates the electorate like a big bad evil to fight against.

9
1

Reg reader offered £999,998 train ticket from Cambridge to Horley

Crazy Operations Guy

Private car

So does that fare come with an entire train car to yourself? And do you get to keep the car afterwards? Although I suspect for that much, you could buy your own car...

0
0
Crazy Operations Guy

Re: More Amaz'n prices!

A lot of those are meant for money laundering or drug deals. The seller puts up a $100 item up for sale, but charges $1000 for it so that no one would buy it normally while providing cover for their criminal activity. Everything looks legitimate from Law Enforcement's and Amazon's point of view, so the risk of getting caught is minimal. The only way they could get caught (without getting either end to give up the other) would be for someone knowledgeable about that specific item and what it should cost to report it.

This happened to me a few years back, I ordered some parts for an old system, so ended up buying a module that was 10x the price as it should have been (needed it last minute and needed a new one, it was the only one available at the time). Arrived the next day and overheated after a few hours of use, pulled it apart to discover that the fans were blocked by a bag of cocaine wedged into the device. Reported it to the police and they took it away for evidence, but still haven't gotten the damn device back...

3
0

Boffins supercharge the 'hosts' file to save users plagued by DNS outages

Crazy Operations Guy

I've set up my own DNS servers

I grabbed a pair of old Pentium-4 boxes loaded with OpenBSD and a cron job to wget the root.zone file from internic.org, place it into nsd's zone directory, then kill -HUP nsd. I get my own root server and only a failure of an entire TLD's DNS server would cut me off.

I get unpoisoned DNS (unless someone can poison the root TLD servers...), much quicker responses, better uptime, and no futzing about something as ridiculously unnecessary as this new research.

3
0

Good job, everyone. We're making AI just as tediously racist and sexist as ourselves

Crazy Operations Guy

"be sure not to look at names or addresses on resumes"

One of the things my employer did was to create a sort of pre-screening group in HR that would accept resumes, do cursory checks on them (Make sure we didn't fire them before, make sure they are real people, etc). The resume would then be handed to the hiring manger sans identifying information. The hiring managers would then send pack the ID numbers of the people they felt were qualified. HR would then schedule times for a first-round interview between the candidate and the hiring manager. The first interview would be performed over a text-based channel where no one's identity is known to the other party. Only after the candidate passes that round of interviews are their identities revealed to the hiring managers so that the second round, in-person interviews can be conducted.

Not perfect, but we do have a much more diverse, and productive, work force than before.

22
3

Microsoft raises pistol, pulls the trigger on Windows 7, 8 updates for new Intel, AMD chips

Crazy Operations Guy

Re: Supported processor revisions

Yeah, nothing deliberate but it seems they aren't exactly breaking a sweat to ensure compatibility...

2
0
Crazy Operations Guy

Supported processor revisions

What the hell happened to x86 while I wasn't looking? Wasn't the whole point of x86 that you could run code on both older -and- newer chips so long as the supported the features you need?

I remember being able to run old OSes on hardware that was made 10+ years after the OS was last compiled and everything working just fine. So why wouldn't Windows 7 work on any of the new chips? Unless Intel and Microsoft are purposefully making them incompatible, there is no reason for it.

8
0
Crazy Operations Guy

Re: This should help Apple and Linux

Apple lost my vote when they decided to just up and abandon PowerPC even though they were selling machines with those chips in them just months before the announcement.

I've been trying as hard as I can to stay away from the pool of mediocrity that x86 has become. My main desktop has been AmigaOne systems (An XE back in the day, then a 500, now an X1000), primarily running Mint or a custom-built Linux. Most of server hardware is Sparc-based, might start moving over to ARM in the future.

I used had a late-2005 PowerMac G5 (The one with 2x dual-core chips) after a photographer friend of mine bought one then traded it to me once Apple announce they were dropping support for it.

1
0

Three indicted over sex trafficking operation run on Backpage.com

Crazy Operations Guy

Re: Suppressing prostitution never works

"The issue with that model is that most prostitutes aren't in it for a career, they just want to make a bit of money in the short term"

That would be part of the support network, providing former prostitutes a new identity (Or operate under a nom-de-whore, so to speak) where if they could put some generic-sounding customer service job on their resumes and have former coworkers able to vouch for them. Also, may offer re-location, so that they don;t end up running into someone they knew while working. But I figure that providing safe and secure work spaces, paying a fair wage, and giving them a bit more agency over their bodies, there may be quite a few people wanting to make it into a career, or at least a long-term side-gig.

"Actors, musicians and artists often have agents to take care of their legal, accounting, and marketing needs. Why not also prostitutes?"

Well, the idea of what a pimp does isn't the bad part, its what happens in practice that is the issue. Even in places like Amsterdam or Nevada, the brothel owners tend to go quite abusive on their employees. They're out to make a profit and tend to lack the ability to understand the position they are putting their employees in (forcing them to service terrible clients that otherwise pay quite a lot, in some cases getting away with everything short of murder). In areas where prostitution is illegal, the prostitutes are almost always emotionally abused quite regularly, physically abused in the vast majority of cases, and in many cases, repeatedly sexually abused by the pimp, if not by the client (In many cases, they end up in a situation where if they don't do heinous things for the client, they'll have those same things performed upon them by their pimp).

3
0
Crazy Operations Guy

Suppressing prostitution never works

There will always be a demand for sex, so when will politicians get it through their thick skulls that the best way to protect women would be to make it legal for them to actually report being trafficked (As of right now, in the US, the police will arrest prostitutes alongside their pimps and treat them both equally guilty).

Sex trafficking in Canada has dropped dramatically since they decriminalized selling sex. One of the primary methods in the US for pimps to control their slaves is to find women with children that in the country without a visa, and have someone complicit in the operation take joint-custody of the child. That way, if the woman were to attempt to report the trafficking, she'd end up getting deported (gotta ged ridda dem e-legals comin' in an' committin' crimes) and separated from their children. Even if the pimp is convicted of being a complete shit-bag, and they end up seeing the inside of a jail cell, then another member of the ring would take control and use the child (and the child is kept in line with the threat of being deported just like their mother).

The (least terrible) solution would be to make prostitution fully legal and use something like the Dutch model to police it, perhaps have regulations such as the business must be owned and controlled by the workers themselves (A sort of sexual co-op) to prevent any semblance of pimping going on. Require, and provide, medical care and regular screenings (paid for by taxes placed on the business), maybe even set up a network for those who want to get out of the profession (offer schooling, relocation services, etc). Make it so that the legal option is prevalent and has very little risk so that few, if any, people attempt to make use of the unlicensed / unregulated services.

6
1

Back to the future: Honda's new electric car can go an incredible 80 miles!

Crazy Operations Guy

Re: One of the factors I'd be interested in

"One issue with EVs is the load they will put on the electric grid and is the grid resilient enough to handle it."

That is sort of my primary concern. Of course that would be highly variable. In a place like Shanghai where most of the electrons come from burning dinosaurs, the conversion losses from fuel-heat-steam-turbine-transformers-power lines-transforms-batteries-motor may actually make that EV require twice as carbon to be tossed in the air to move the same distance as a petrol-guzzling car. But then you might have a place like Reykjavik where the electrons are going to be from Hydro, so that EV is going to put a trivial amount of CO2 in the air compared to a standard car.

What I'd really like to see is some kind of map done up that would show "Here are the areas that using an EV would produce more pollution than a standard car". Figure in all the energy costs and pollution generated from every step of a vehicle's life cycle (EG, manufacturing, shipping costs, daily use costs, disposal, maintenance, etc).

I want to avoid a situation where I am not really helping the environment but rather just moving my pollution to some poor nation on the other side of the globe. Similar to the whole early hydrogen cell issue in that while the vehicle produces less pollution, the energy required to produce and transport the hydrogen in the cell ends up producing almost twice as much pollution.

3
0
Crazy Operations Guy

One of the factors I'd be interested in

I'd be interested to see the overall environmental impact of electric cars versus standard petroleum based vehicles. Specially in terms of manufacturing and disposal impact. Yeah, an electric vehicle doesn't produce pollution -now- but what about disposing of the battery when its capacity wears down to nothing? What about all the by-products required to produce the battery in the first place?

I'm not trying to troll or disparage the electric car idea, I'm just curious about the overall impact.

9
2
Crazy Operations Guy
Headmaster

Re: Back to the Future needed 88MPH, not MPG.

This car would technically get infinity miles per gallon as it doesn't use a gallon of anything...

This car may very well be able to go 88 MPH (but couldn't keep that up for a full hour), the '80 miles' quoted in the article is the -range- that it has, not its top speed.

2
0

Back to the Future 2: Gasp! America's trade watchdog discovers the risks of 'free' movies

Crazy Operations Guy
Joke

"popular TV shows, big-league sports, and absorbing games."

Shouldn't that be 'Biggly sports'? Or has he not received the latest edition of "How to sound like an incompetent blow-hard"

10
1
Crazy Operations Guy
Headmaster

Actually not -illegal-

It is only illegal when you charge for the media and present it as a legitimate copy (Counterfeiting). File sharing is copyright infringement, a civil matter (EG, the company that owns the product can sue for breach of contract or for lost profits, but either way, technically not a crime...).

21
1

US military makes first drop of Mother-of-All-Bombs on Daesh-bags

Crazy Operations Guy

It should be noted that the thing costs $314 Million USD to build, plus expenses related to schlepping the thing from the factory to Afghanistan, then the cost of actually dropping it (Fuel for the aircraft dropping, plus the escorts). All that, just to kill, at most, 800 people (That is the maximum estimate of the number of Daesh fighters in the entire country of Afghanistan).

You could pay every member of Daesh in Afghanistan a half million dollars to stop fighting and it'd still be cheaper than dropping the damn thing...

29
26

TCP/IP headers leak info about what you're watching on Netflix

Crazy Operations Guy

Re: Easy to prevent

@ Networc

Ah, that makes sense. In that case, I assume they are just grabbing an I-Frame + associated P-Frames, waiting for confirmation of reception, then sending the next I-Frame + its P-Frames. I thought they'd be sending based on portions of the video file as stored on the filesystem versus portions of video as stored in its container. Makes sense architecturally since the client would track state rather than being dependent on the server to do so.

Perhaps the solution may be to re-encode the videos with a format that determines the placement of I-Frames on the total number of bytes changed since last I-Frame, rather than number of P-Frames since last I-Frame. Although that would mess with video seeking (although if nothing much is really changing, wouldn't you want to skip to beginning or end of that scene directly? Like if the scene is a new caster sitting still and addressing the audience, so really only the pixels making up their mouth would change from one frame to the next and you would either want to see it in its entirety or skip it in its entirety).

0
0
Crazy Operations Guy

Easy to prevent

Just fill up the window size so its always the MTU, nothing wrong with stuffing parts of the next few frames into the previous packet, and at the end, just shove in some random data. At the very least, it'd cut down on buffering and wouldn't really use all that much more bandwidth since networking devices already expect a 1520-byte packet and use buffers assuming that size (and usually shove packets into the buffer spaced 1520 bytes apart).

This attack relies on the variability of the window size, so if everything is the maximum, there is nothing to analyze. Obviously it would need to find a way of figuring out what that maximum size is (Eg, detecting if there is some piece of equipment in between that lower than expected and causing fragments)

0
0

Prisoners built two PCs from parts, hid them in ceiling, connected to the state's network and did cybershenanigans

Crazy Operations Guy

Re: Hats off to them...

"yep and your little system fails on 2 counts:

1. Mac spoofing

2. Current trend for devices to randomize the MAC."

I take it you don;t know how 802.1x actually works... Reason 1 would be prohibitively difficult to pull off without anyone noticing. As for the second one, if a device pops up on a network that doesn't possess a valid token, the device will be quarantined until the device receives a new token by way of an Authentication back-end. Granting of the token by the authenticator can be done on something as basic as mac address (by far the most common on wired networks) but can be based on any authentication mechanism that the connecting OS has a supplicant for and the switch is able to relay back to the authentication server. I've implemented 802.1x using everything from basic mac address to usernames/password to certificates to manual approval by an authorized admin.

The switch doesn't care what is used to authenticate the conencting client, so long as the authentication server responds back with an AUTHORIZED packet, and expiration for the authorization, and an optional VLAN assignment that the client belongs on. Otherwise the systems is just left on a quarantine VLAN that, usually, doesn't route to anything (Some places allow packets to route out on that VLAN to build a 'guest network' without allowing the system to see packets from secured networks, obviously a prison wouldn't allow that). So if they do implement something a little more than mac based auth, then the system will be sitting there with nothing to do but talk to the authentication server (until an admin notices a weird machine on the network and kills the system).

A place like a prison, where security is key, it would be likely that they'd use the mac to authenticate the system to the network, but would only get them access to the authentication network until their system can convince the authentication server to grant them greater access.

4
0
Crazy Operations Guy

Re: Hats off to them...

"Because spoofing a MAC address is impossible right?"

They'd have to spoof an authorized mac and somehow get the real system offline (Otherwise the systems would just start throwing errors and effectively disconnect themselves), and even then, they'd have to get around the fact that the switch would still yell at the admin about the fact that it is on a different port. So even if they do duplicate both the mac, and somehow connect it to the same port, someone is going to notice that their computer no longer has connectivity.

6
1
Crazy Operations Guy

Re: Hats off to them...

They weren't really good at it, just slightly better than the Prison's staff. Something as simple as implementing port-lock-downs, 802.1x or just keeping ports unplugged unless actually needed would have stopped them cold.

A prison is unique in that the IT staff would be aware of every single MAC address of every machine that should be on the network, at least in the areas where prisoners might be. They should be setting up a monitoring system that screams in their face every time the MAC changes on a port, and if it isn't tied to a work order, someone should go investigate.

Setting something like that up is fairly trivial, I did it in a weekend using FreeBSD, nagios, and radiusd on an old Pentium-3 system that was rusting away in a closet. I get an email every time a machine is plugged into a different port, or a new system is added to the network, even over wireless. Any new device is dropped onto a non-routing VLAN and can only access a read-only ftp server hosting OS install files, patches, and some packages (FTP is in read-only mode, files are modified via rsync on another interface). It wouldn't take much more for the prison's IT staff to do the same.

11
4

Mark Shuttleworth says some free software folk are 'deeply anti-social' and 'love to hate'

Crazy Operations Guy
Flame

Re: Weird

How could he miss all the other wars?:

vi - emacs

BSD - Unix

csh/ksh - bash

C - C++

Monolithic kernel vs micro vs hybrid

CISC vs RISC

fully free vs. allowing binary blobs

And so, so many more, and that isn't even touching the perennial license wars and the eternal coding style wars (I once saw a project implode over K&R versus Allman style indents) ...

If X-windows vs Mir is Shuttle-cock's first *Nix holy War, I'd shoot him for being a pod person that replaced the real Mark less than an hour ago. Either that, or he has had his head so firmly planted in his own ass the whole time he didn't even know there was a world around him.

13
0

Boeing 737 turns 50

Crazy Operations Guy

Re: Tsk, tsk

Pricing on aircraft is highly variable. The price can go from anywhere between $60 million to $120 million depending on features. On one you have RyanAir's "the luggage is treated better than the passengers" air-borne cattle-cars. On the other, you have Emirates' "Even Caligula would think its too decadent" flying palaces.

7
0

Manchester pulls £750 public crucifixion offer

Crazy Operations Guy

Jesus wasn't the only one crucified...

I find it weird that Christians fetishize the whole "Jesus Crusifiction". The Romans did it to thousands of regular people. Although I find it odd that they care about how he was killed in the first place... I always thought that Jesus was supposed to be some kind of paragon of virtue that his followers were supposed to emulate, not some martyr who wasn't really martyred anyway (coming back to life kinda undoes that a bit...).

But then it seems that people care a hell of a lot more about being portrayed as oppressed and persecuted rather than being a proper mensch like Jesus was portrayed to be. Any schlub can get themselves killed, but it takes real effort to be a good person.

13
0

Wi-Fi sex toy with built-in camera fails penetration test

Crazy Operations Guy

Re: WiFi in a device inside pussy, a really bad idea!

*Sigh* how many times do I have to tell people that battery powered devices like this are completely incapable of generating ionizing radiation since they lack the high-voltage components to do so. You'd need to figure out some way of dumping an entire battery's energy into a burst of a few nanoseconds to get any ionizing radiation, and even then, that radiation is no where near harmful to organic matter.

Being within a meter of another human is going to generate an infinitely larger amount of ionizing radiation (Due to the natural break-down of carbon-18 into carbon-16 as part of life) than a cell phone would produce, much less something like Bluetooth.

23
0

Good Guy Comcast: We're not going to sell your data, trust us

Crazy Operations Guy

Re: Don't use your ISP's DNS

No, no it would not. Logging DNS traffic is trivial, at best, to grab from users' streams. I am doing it right now for 250,000 people (My employer). I'm just using some old servers to do it while an ISP will have access to much larger and more efficient systems (If they aren't already doing it).

I'm just picking up all port 53 traffic going in and out of the network, and correlating it with the http and https traffic. I have the ability to see what websites everyone is viewing and how much traffic is going back and forth (I can only see domain when it comes to https). For the most part, its a simple matter of matching an http steam's destination IP to the DNS responses the user's system recently received. All of it is done with open-source tools and a little know-how.

ISP would have an incentive to produce much higher quality tools and invest in higher-end equipment since they'd make so much off of selling that data. I'm just tracking this data to identify malware activity and web traffic is very much against company policy (The policy violating traffic is really only because HR is requiring me to do so, personally, I couldn't care less about it).

0
0

Yee-hacked! Fired Texan sysadmin goes rogue, trashes boot business

Crazy Operations Guy

"So the backups were accessible to such a degree remotely? They had zero offline backups?"

The system processed orders, so even if they had backed up the system 5 minutes before hand, the system still would have information, such as new orders and orders ready to ship, that isn't in the backup.

Depending on volume, the number of orders lost could easily become more valuable than the cost of a new server. This would especially be true if they are customer-focused; If you were a customer that had paid for merchandise and received a confirmation email detailing the same, would you stand for the company telling you "Sorry, we lost your order"? On the other hand, a customer's order may have completed processing and shipped so a full manual search of which orders are still in the shipping dock, which have had shipping labels applied, which labels are on a truck, etc.

1
0

Forums

Biting the hand that feeds IT © 1998–2018