Shouldn't it be that the outbreak is magically stopped by a malware author turned security researcher...
76 posts • joined 22 Sep 2009
Awkward... Revealed Facebook emails show plans for data slurping, selling access to addicts' info, crafty PR spinning
Yes, they really seized them
TL;DR: "Rarely used parliamentary powers were used to demand that the boss of a US software firm hand over the details." and "In a highly unusual move the House of Commons serjeant-at-arms was sent to the businessman's hotel and he was given a final warning and a two-hour deadline to comply with the order."
The bug is already identified and a fix has been provided (unofficially) for CentOS. The CentOS bug report for this is https://bugs.centos.org//view.php?id=15193 and the fixed version is on https://buildlogs.centos.org/c7.1804.u.x86_64/kernel/20180820114938/3.10.0-862.11.6.el7.bug15193.x86_64/ and the fix has also been incorporated into the latest CentOS plus kernel kernel-plus-3.10.0-862.11.6.el7.centos.plus.1.x86_64.rpm
So.... interviews at the start of October, by the time they've interviewed the candidates and made their decision and had an offer accepted it'll be at least the end of October. Wait 3 months for them to resign and be released from their current job and they'd be starting around Feb 2019 and this all has to be up and running by March. So start in Feb, fired in March. Good job!
Why the fsck has this person not been in place since June 24th 2016?
I've had two of these mails in the last 3 days and both told me that my password was 'changeme' which, to the best my knowledge, is not one I've ever used anywhere for anything. I vaguely recall it used to be the default password for some java key store as delivered from Sun/Oracle but it's certainly not one I'd choose to use (much too complicated, mine are all 'password', honest). They can send me as many as they want but since I already know I've never been anywhere near an adult site and most likely never will, I'm not likely to be paying anyone anything.
CentOS 6 is in production phase 3
So... yes, CentOS 6 is "supported" until 2020 but the upstream RHEL that it's based on and receives all its patches from went into what Redhat call "Production Phase 3" on May 10th 2017. That means that only security vulnerabilities that Redhat class as "critical" will now be fixed. Anything that's merely "important" or less gets patched if they feel like it and judging by the things that _didn't_ get fixed in RHEL5 once that reached PP3, that's going to mean that CentOS 6 gets less and less secure over the next 2.5 years until it goes EOL.
The one kilobit figure is wrong
Having done a little reading around it seems that the spacecraft has 2 transmitters and both can be used simultaneously if they shutdown other equipment on board. That nearly doubles the data rate to 2Kb/s but that still doesn't explain the discrepancy. I also see that the image data can be compressed by a considerable factor so this is probably more likely to be the explanation - the 50GB figure is going to be the total data size before compression.
Having offended everyone else in the world, Linus Torvalds calls own lawyers a 'nasty festering disease'
> Effectively Red Hat and Oracle have both done that. They publish their own version of the kernel as a tarball
Haha. Not sure if that's meant to be a joke since the main reason that Redhat produce a monolithic patch of their modifications to the kernel is to stop Oracle from hijacking their work.
Bug introduced on June 11th
This is a fix for a bug that only entered the codebase on June 11th and was spotted on the 24th. I suspect almost no distros have backported or shipped such new openssl releases - oh, except Fedora which handily backported the buggy code :-( For those of us running CentOS/RHEL or probably any other LTS distro, the bug never even made it to the code...
device owner gives 4 out of 10
So I bought one of these and by the time you factor in VAT and customs fees it works out at pretty nearly £200. Not cheap. And for that you get a nice looking bit of hardware that attaches to a 20p plastic backplate that's screwed onto the wall with 4 screws. The screws are a decent length and won't come out in a hurry but the backplate looks like it'll just tear off round them. The bell then fits onto the backplate with 4 tiny little plastic lugs that a child could rip off. In addition their special 'security' screws are standard size 5 torx fittings so really would only deter a passing thief who couldn't be bothered to go home and get his torx set out. Oh, and every time you screw those torx screws in, they eat a bit more of the bottom two plastic lugs on the flimsy backplate.
As for the device itself: it can't handle being set up on one wireless network while being configured from a device on another! It just bombs out and leaves the device half setup. And to reset it and set it up again, you have to remove it from the wall so that you can press the setup button on the back. Same goes for recharging the battery, device has to be removed from the flakey looking backplate which looks like it'll only stand a few removal/install cycles before it gives up the ghost entirely. Then there's the device functionality itself...
The videos it takes are full of blocking and static, the audio in both directions is appalling and barely recognisable, motion detection eats 12% of the battery per day so the claimed one year battery lifetime is really a week unless you disable the motion detection. Which is probably a good thing anyway since it goes off about every 30 seconds even with the range setting set to 5 feet.
Then when someone does come to call and rings the bell, it takes a few seconds to come through to my phone but uses the standard android notification sound, there's no ability to choose a different one nor to set its volume individually. So it bongs quietly and half the time I don't hear it and the rest of the time, by the time I've swiped my phone screen to get the unlock screen and entered my pass code then pulled down the notification area from the top and selected the ring app and hit 'accept' 5 times because it doesn't detect when you click on it, the caller has given up and gone away.
The latest android app update has now added a big advert at the bottom of the screen for their cloud storage solution. This takes up about 20% of my phone screen and cannot be removed except by signing up for cloud storage. Thanks but no thanks. No bug fixes in this upgrade, just 20% less useful information.
Can you tell how impressed I am with this? Great idea ruined.