* Posts by s2bu

255 posts • joined 16 Mar 2013


Sysadmin's three-line 'annoyance-buster' busts painstakingly crafted, crucial policy


Re: Oh yeah, _that_ fscker.

Just replace it with AppArmor and call it a day!

Apple iPhone X screen falls short of promises, lawsuit says



Samsung has been using PenTile for 10 years now, since they first started shipping AMOLED screens. Yet now that Apple used it, SUE?

Yes, PenTile is “inferior” to a screen that doesn’t require it, but come on people. Apple ads don’t state subpixel count, so I personally can’t see this suit winning.

Little FYI: Wi-Fi calling services on AT&T, T-Mobile US, Verizon are insecure, say boffins


Re: VPN?

There were issues with IKEv1, aggressive mode, and some of the various crypto methods. If you use IKEv2 and a secure crypto set, you're fine.



"The third flaw found has to do with the way the three US carriers' implement IPSec protection..."

"A practical mitigation for these attacks, the researchers say, involves running a VPN on mobile devices.."

What, pray tell, do they think IPsec *IS USED FOR*?! They already *ARE* running a VPN!

Microsoft polishes up Chromium as EdgeHTML peers into the abyss


Re: And in another project...

The kernel itself is actually decent, after all Cutler designed it after VMS. Granted they did manage to mess it up by shoving the GUI into it, but for the most part it’s decent. It’s just the rest of Windows that’s a bloody mess!

Official: IBM to gobble Red Hat for $34bn – yes, the enterprise Linux biz



Let’s hope they don’t let Poettering near the OS/2 source code. Instead of OS/2 Warp, we’ll get OS/2 Impulse Red Hat edition, now with PulseAudio and systemd!

We've found another problem with IPv6: It's sparked a punch-up between top networks


El Reg & IPv6

I think El Reg looks for anti-IPv6 material just to run stories that they can use as a reason that they haven’t deployed it yet.

Judge bars distribution of 3D gun files... er, five years after they were slapped onto the web


Re: Where is the NRA?

The NSSF is the group that represents manufacturers, not the NRA.

IPv6: It's only NAT-ural that network nerds are dragging their feet...



I'm starting to think that El Reg only runs these IPv6 stories as a way to troll for more clickbait :(.


Re: Mobile devices / 4G networks

Most actually do, at least in the US. AT&T does, Verizon Wireless does. Sprint doesn't seem to. I'm not sure about T-Mobile..


Re: "the world is clinging stubbornly to IPv4"

"I like the fact that NAT means I can kill a lot of external access at the firewall."

If your preferred firewall doesn't come out of the box with a default 'deny any any' inbound from the 'untrusted' interface for packets that aren't in response to an outgoing connection, then it's rubbish and belongs in the trash anyways.

Ever seen printer malware in action? Install this HP Ink patch – or you may find out


Re: HP Network Laser Printers....

Indeed, I have a Xerox color laser and a Ricoh color laser that both offer FTP. Since they both support PortScript & PDF, it's rightly handy to print something in a hurry on a new install without printer drivers. I've also used it a few times when I didn't have VPN setup yet. Save to PDF in the app, sftp it to a server on the DMZ, ssh into said server and FTP it to the printer. Printout is ready when I get back!

Xen 4.11 debuts new ‘PVH’ guest type, for the sake of security


32-bit & 64-bit has worked under Xen for many many many many many years.


"Xen" and "XenServer" aren't really identical. While XenServer uses Xen, XenServer is a distribution that is heavily crippled without paying Citrix.

You can do the HA stuff for free using your own distro & regular Xen.

Micro Focus offloads Linux-wrangler SUSE for a cool $2.5bn


Re: Swelling price tag, if not profits

SuSE is so much better than RHEL it isn’t even funny. For grins, go download a SRPM/.src.rpm for a major package (eg, OpenSSL) from both vendors and compare the work that both of them put into it. Even the code quality is lightyears apart.

Chrome sends old Macs on permanent Safari: Browser bricks itself


Re: One in twenty users?


I think you're in the wrong thread... This is about Google dropping support for Chrome on an old version of macOS. Apple has nothing to do with this, and this is about desktops/laptops, not phones.

Oracle Linux now supported on 64-bit Armv8 processors


Re: Don't trust it.

Yes, OL is pretty much RHEL (just like CentOS and Scientific Linux).

Ironically enough, they don't remove MariaDB at all. They do provide MySQL as a separate "channel" (repo) though!


Re: Not just repackaged?

Yes. All of the SRPMS for the entire distribution are on their public-yum repo site (just like RHEL), and the Unbreakable Kernel source is even on github. They pretty much have to supply the code because of GPL.

While the UEK does provide kSplice, Oracle only provides the updates to people who have premier support, sadly.


While I agree with Oracle bashing, I can honestly say that lagging on updates is one thing I haven't seen them do. Obviously for upstream fixes (eg, ones from RHEL) they can't possibly release them *before* RH does, but their turnaround has always seemed pretty fast.

After the first Intel microcode fiasco, Red Hat stopped providing microcode updates in the distro itself, while Oracle has continued to do so. So in one respect, they're "better" than RHEL for people who are running servers where their vendor has failed to provide updated BIOS releases with newer microcode embedded.

The "Unbreakable" branding currently only applies to their kernel, not the distro itself (which is just simply called 'Oracle Linux'). It IS a stupid name though!

IPv6 growth is slowing and no one knows why. Let's see if El Reg can address what's going on


Re: As a consumer with IPv6...

Native IPv6 or a tunnel? Do traceroutes go over the same paths?

There is no reason for IPv6 to be slower.


Re: NAT required

Yet one more time.. most sane firewalls already default to no inbound connections for IPv6. So no less secure than IPv4, but without the NAT BS.

NAT is NOT a security feature!


Re: Privacy issues with IPv6?

That's only when using stateless autoconfig (SLACC), not when using static or stateful autoconfig (DHCPv6). Most OSs default to using privacy extensions when SLACC is in play (eg, outbound connections use a 2nd temporary and random IP that changes).

So no, no privacy issue.



"However, many websites did not support it, and the fallback to IPv4 caused a performance decrease."

That makes *0* sense. If the website didn't support it, there would be no AAAA record in the DNS reply, and so IPv6 would never be attempted in the first place.

Now if the site is publishing AAAA records and yet their IPv6 connectivity was broken, THAT would cause issues (although less so these days with "Happy Eyeballs" in most browsers). In that case, they really should either fix their connectivity or unpublish the AAAA records.

Void Linux gave itself to the void, Korora needs a long siesta – life is hard for small distros


Re: Void can be forked

I really hope Void manages to sort all of this out. It's currently one of my favorite distros, especially their MUSL variant. With MUSL the resource usage is low, and with runit (instead of systemd) it boots crazy fast. Add in LibreSSL for fewer security issues, and it's an amazing combination!

Sysadmin unplugged wrong server, ran away, hoped nobody noticed


Re: X.25

You had me right up until the "HP/UX" comment. HP-UX is an abomination that deserves to die a horrible death. Tru64 was much better, HPaq picked the wrong *IX to kill :(.



On a side note, I worked in telecom for a few years and worked with a guy that I'm pretty sure helped design X.25. He would speak for hours about how superior it was to anything else until you managed to silently sneak away, or you died from sheer boredom.


I don't get why he didn't just unplug the cable from the back of the server. Surely any self respecting geek/admin has plenty of spare cables to use? It's a lot easier than hauling the server *AND* cables back and forth!

Brains behind seL4 secure microkernel begin RISC-V chip port


Uh, no. They're buying things to bruteforce the passcode. The secure enclave is where fingerprints, credit cards for Apple Pay, etc are stored. They're not breaking into THAT.

Using Outlook? You should probably do some patching


Outbound too

It says outbound also. I doubt most residential routers ship with outbound rules in place by default.

Get the FTP outta here, says Firefox


Re: "FTP sends data as plaintext and just wasn’t designed for the modern web"

Even still, most browsers support up to 10 connections at once anyways, so the performance penalty for using FTP is fairly minimal, except for possibly the multiple CWD commands..


Re: Reasons?

And by the Web 3.0 jquery Frankenstein-like monstrosity of a website already has to download 20MB of crap just to display basic HTML, so the speed delay caused by using FTP is already blown anyways!


Re: pardon, me ignorant

There is both FTP/S and FTP-TLS, which perfectly secures FTP. vsftpd supports both.

'Extreme, unnecessary, overheated': US judge slams Oracle salvo in HPE Solaris squabble


Re: Eh?

I think their complaint isn't "support" of "Oh, your disk is full? Let's find some things we can delete", it's "support" as "Here are this month's patches from Oracle's support page!".

Since the patches are in essence binaries, they're "works", so copyrighted.

Furious gunwoman opens fire at YouTube HQ, three people shot



Biometric, it takes a mere second to open it, and it's already loaded and ready to go.


Let's think this through logically. My gun is locked in a safe under my bed. If the invader doesn't know that the safe exists, doesn't know the code to it, and somehow doesn't run off from the alarm, etc. If he comes busting through the bedroom door on the opposite side of the room, how is he going to somehow use my gun against me? How is somebody else going to use it against me? They're not.

Most cases where that is true is when the gun is stored improperly.


Huh, it's harder to jump? How so?


And so do car accidents, but that doesn't mean that the CDC should be studying those. There are other agencies for that. Hint, the word 'DISEASE' is in the name of the CDC.

Most "gun nuts" could honestly not care what the study shows in the first place, so that argument doesn't even make any sense.


Re: Free Firearms For All!!!

What about people that can make bullets and load them themselves. What are you going to do about them?


Agreed that video games don't cause behavior. On the other hand for somebody that already has that behavior, they make damn good simulators to get proficient at killing! The military even uses them.

I personally blame the increase in shootings on big pharma, especially SSRIs. When Chantix, a stop smoking drug, causes people to wake up somewhere and they have no clue how they got there, what they did along the way, etc, and somehow is deemed perfectly safe by the FDA, you just have the wonder.


The NRA didn't really squash research, except for by the CDC. Yes, the Centers for Disease Control. The people that really should be worrying about the flu pandemic and not gun control. There are plenty of other departments and NGOs that can go study gun control all they want to. Just because the CDC can't do it doesn't mean that everybody else has their hands tied.

That's like saying that the USDA can't study Teslas slamming into concrete barriers, so nobody knows what the problem is!


Yes, because somebody that wants to kill themselves would go "Dammit, I can't get a gun, oh well!" and not just do suicide by cop, jump off of a building/bridge, jump in front of a bus/train, slash their wrists, etc.


Re: 'Well for a start I'd ban religion'

Except the amendments that have been repealed have all been things that you can't do (eg, prohibition), or making slaves free and such like that.

The Bill of Rights don't give you the rights. The Bill of Rights explicitly state that the rights are something that you're born with. The amendments are to tell the government what they CAN'T do with those rights. So repealing the 2nd doesn't exactly take those rights away. It would unshackle the government though, sure.


Re: Of all places

Nothing, but it's really sure of a lot easier to just build one with a drill press than it is to drive the hundreds of miles to another state.


Re: Of all places

How does open/concealed carry have anything to do with mass shootings or even gun ownership? You're conflating two different things. Do you really think some whacko is going to go "Man, I'd love to go shoot up my work, but damn, it's illegal to carry my gun there?"

Guccifer 2.0 outed, Kaspersky slammed, Oz radio hacker in the slammer, and more


Re: Trump

Cold War 2.0!

Aka the US is upset that somebody else dare do to us what we constantly do everywhere else on a routine basis and even admit to doing it!

Linux Foundation backs new ‘ACRN’ hypervisor for embedded and IoT


Intel? Embedded?

The idea of making an embedded hypervisor that is Intel-only for now is definitely a great way to make sure that it’ll never really get used!

Intel is horrible in the embedded space. There’s a reason Intel dropped its Curie module, after all!

OK, who is shooting at Apple staff buses in California? Knock it off


Re: Use the Trump solution

A lot of young kids are given an air rifle (BB / pellet gun) as a starter. They're quite fun!

I've also used a handheld pellet gun to take out rats in a barn.


Re: Use the Trump solution

Sadly El Reg didn’t include a vital piece of information. The buses were being shot at by a *pellet gun*.

Yes, they can do some damage. However leaving that out and implying that it’s a handgun or rifle is a little misleading.

How back of server pack rat Inspur has sailed into the top-three slot



I'm only somewhat shocked. I actually like Lenovo for their price targets, however the build quality is completely inferior to the old IBM quality. I guess that's where the low price comes into play though :(.


Biting the hand that feeds IT © 1998–2019