* Posts by s2bu

169 posts • joined 16 Mar 2013


Open-source world resurrects Oracle-free Solaris project OmniOS

s2bu

Re: YAWN

There are literally hundreds of Linux distributions, and yet Illumos and BSD are your examples of fragmentation. REALLY?

6
0

Crashed RadioShack flogs off its IPv4 stash

s2bu

RFC 3021

What, your gear doesn't support using /31s for P2P links?

4
0

GnuPG crypto library cracked, look for patches

s2bu

Re: And Lo!

And not lib*g*crypt?!? :)

I believe libcrypt is OpenSSL

0
0

Everything you need to know about the Petya, er, NotPetya nasty trashing PCs worldwide

s2bu

Major flaw in article

The article states:

"since the malware writers must have known that the email address would be shut down quickly, which cut off access to funds".

That's not true at all. BitCoin doesn't use email. The email was to tell the writers that you sent them a BitCoin so that in theory they'd email you back your decryption key. They can still receive the ransom even without access to the email account!

1
0

Ever wonder why those Apple iPhone updates take so damn long?

s2bu

Re: Whatever the reason given - it's bollocks

The test wasn’t the file system itself. The test was the conversion!

I’m sure there was a thorough test beforehand, and it was done in a way to ensure that it couldn’t cause damage. What better way would you recommend to test something major like this across every possible combination of things?

6
10

Xen warns of nine embargo-worthy bugs

s2bu

Re: Wow

AWS has managed to apply past XSAs without rebooting, so I'm not sure why you assume that this one will be any different?

I'll take any information that Linode provides with a huge chunk of rock salt.

1
1
s2bu

Wow

Wow, Simon, did somebody in the Xen project cross you or something?

First off, the crazy 3^2 comment.

Second, the comment about how they want to reduce publicity and you linking it to your previous story. You know, the story where the Xen project team responded in the comments and explained exactly what was going on, and no, PR had nothing to do with it.

Then you mention that indeed, Xen has live patching (AWS has had it for ages), and yet put reboots in both the subhead and the body. Mass reboots sounds like a Linode problem, not a Xen problem.

Then the comment about mass migration to KVM. The comments in your previous story mention how KVM has bad security also (along with VMware, Hyper-V, etc), they're just not as announced as such. There's a reason that the major cloud providers use Xen and not KVM. I'm sure if KVM was so much better than Xen, AWS wouldn't keep messing around with Xen!

6
2

It's 2017 and Windows PCs are being owned by EPS files, webpages

s2bu

Re: Riddled to high heaven

The Linux kernel has had a few CVEs lately too.

As much as I love Linux, I've been leaning towards Illumos, NetBSD, and FreeBSD lately.

9
0

Secure Boot booted from Debian 9 'Stretch'

s2bu

Re: UEFI needs to *JUST* *DIE*

... and also handy things like the Tianocore UEFI shell, which can come in really handy and do things like configure hardware (CNEs, RAID controllers, etc) before the OS. UEFI GOP support, which is used heavily by FreeBSD's bhyve hypervisor, etc.

2
0
s2bu

Re: UEFI needs to *JUST* *DIE*

Intel ME and such has NOTHING to do with UEFI.

UEFI does add features, such as boot management without resorting to another layer like GRUB. Decent PXE support without using iPXE, etc. Also having your OS being able to write to the UEFI "console" and having that automatically go to the local screen, IPMI serial redirection, etc without having to reconfigure the OS ISO to point to an emulated serial port is awesome!

UEFI isn't tied to Intel. The same people making your old buggy BIOS are also making your new buggy UEFI, just without the last 40+ years of legacy crap that they're having to emulate.

2
0
s2bu

Re: UEFI needs to *JUST* *DIE*

UEFI itself is fine, it's just Secure Boot that needs to die.

1
1

Apple's zippy silicon leaves Android rivals choking on dust

s2bu

Re: It's just a shame

And don't forget the Mach part too!

1
0

Finally a reason not to bother with IPv6: Uh, security concerns...?

s2bu

Re: If IP6v hadn't been made so goddamn complicated...

bob: say it with me: "NAT is NOT a security device!"

Just about any router worth its salt that can grok IPv6 can block inbound IPv6 connections by default just as easily as it can IPv4 without NAT. This is basic stateful firewalling aka connection tracking in Linux. Hell, Verizon Wireless does this automatically for all of their IPv6 clients.

4
1

Mac Pro update: Apple promises another pricey thing it will no doubt abandon after a year

s2bu

Re: We've let you down...

Clones pretty much almost killed Apple last time. Why would they go down that same road again?

14
1

Startup offers $10,000 to Silicon Valley techies … who will leave Bay Area

s2bu

Re: Yes, but...

Property taxes are one thing, but CA's state income tax levels are completely insane. It would be one thing if property and/or sales taxes were lower because of it, but they're not.

0
3

NetBSD adds RPi Zero support with 7.1 release

s2bu

Re: Variety of reasons

Not to mention its amazing build.sh build system that can pretty much build for any arch from not only any arch but also from almost any other OS!

0
0

Force employees to take DNA tests for bosses? We've got a new law to make that happen, beam House Republicans

s2bu

@Someone Else

Please. Both parties (actually ALL politicians for that matter!) are lying scumbags. I'm pretty sure that it's in the job description somewhere...

6
1
s2bu

@AC

Nope. That's the Libertarian Party.

1
1

Windows Server ported to Qualcomm's ARM server chip. Repeat, Windows Server ported to ARM server chip

s2bu

Re: Genetic Diversity...

I think Alpha Processor Inc had a machine that would take either a Slot-B Alpha or AMD x86 CPU.

0
0
s2bu

Re: Open BIOS? - why ?

A lot of the AArch64 Linux distros actually seem to use u-boot to boot an EFI shim and then EFI boot the OS.

I believe the AArch64 server standards mandate UEFI.

0
0
s2bu

Re: Hyper-V?

Since when does MS have ANY expertise in emulation?

Their aborted Windows 2000 build for Alpha had x86 emulation, but it was just DEC's FX!32 emulator from the NT days embedded. So it wasn't MS's code doing the emulation work.

3
2

Finally proof that Apple copies Samsung: iPhone 7 Plus halts, catches fire like a Galaxy Note 7

s2bu

Re: Statistically speaking

Polarity switching? WTF are you smoking? The Note 7 issues had NOTHING to do with chargers. Samsung's own investigation even said it was two completely different BATTERY issues:

'After months of investigating, Samsung is pinning all the blame on two separate battery flaws, insisting nothing was wrong with the phone itself.

For those who want to get a bit nerdy, here’s what Samsung says was wrong with each battery. For the first battery, Samsung says a design flaw in the upper right corner of the battery made the electrodes prone to bend and, in some cases, led to a breakdown in the separation between positive and negative tabs, causing a short circuit.

With the second battery, which came from a separate supplier, Samsung believes there was nothing wrong with the design itself, but says a manufacturing issue led to a welding defect that prompted that battery to also short circuit and ignite.

Samsung said that its design for the Note 7, while demanding on its battery suppliers, was not unreasonable or the reason why the batteries failed. The issues with battery B, Samsung said, were tied to the fact that the supplier tried to quickly increase its production after battery A was pulled off the market.

“We believe if not for that manufacturing issue on the ramp [of battery B], the Note 7 would still be on the market,” Samsung Electronics America head Tim Baxter told Recode.'

11
0

Linux kernel gets patch for 11-year-old local-root-hole security bug

s2bu

Crazily enough, 4.9.12 was just released today and yet it doesn't appear to have the fix in it!

0
0

Dirty data, flogged cores: YES, Microsoft SQL Server R Services has its positives

s2bu

Re: Anyone

I never had any problems using PL/R in PostgreSQL, even in production.

The whole argument in this article about using Python instead isn't even a real comparison. Using server-side R vs client-side Python are two completely different things. If it involves retrieving huge amounts of data, even if R is slower, it's going to be faster on the server side as it's not going to involve transferring huge amounts of data.

0
0

Xen Project wants permission to reveal fewer vulnerabilities

s2bu

Re: Yet another reason to

I pretty much agree exactly with BinkyTheMagicPaperclip. I think the biggest problem with Xen right now is that the code is moving somewhat too fast. Eg, PVH became HVMlite which became PVHv2 (or something along those lines). When the target is moving so fast, mistakes happen. On the flip-side, I think once PVHv2 is done and most people can completely skip the QEMU madness (except for Windows guests and such), the attack surface suddenly shrinks a lot. Right now with stub domains, however, it's still more secure than KVM.

I completely agree on KVM being a spaghetti web of different things patched together. Ironically I daresay the best KVM distribution around right now isn't even Linux-based, it's SmartOS. SmartOS hides a lot of the nastiness and makes KVM a lot easier to work with, and also more secure by isolating them off into Zones.

For Xen I've mainly used XenServer or NetBSD as a dom0, both have worked very well, although NetBSD doesn't support PVH mode currently (FreeBSD can run as a dom0 now too). For KVM, I've stuck with SmartOS. I've even added a lot of FreeBSD bhyve into the mix, which is very similar to KVM, except it doesn't use QEMU AT ALL. They all have their strengths and weaknesses. Xen's live patching is definitely a huge plus in its favor, however.

2
0
s2bu

Re: Yet another reason to

Sort of like how RedHat pretty much "owns" KVM? Yes, I know it's a Linux Foundation project now, but RedHat pretty much runs the show, sadly.

And yes, I *DO* run Xen at home, thank you very much!

1
0

The Mail vs Wikipedia: They're more alike than they'd ever admit

s2bu

Click-bait

Did El Reg really just bash somebody else for clickbait?!?!?

6
0

New SMB bug: How to crash Windows system with a 'link of death'

s2bu

Re: Just a quick check

You CAN route IPX, although I feel sorry for the poor sod still using it!

5
0

Hey, AT&T. Help us out. Why is buying Time Warner a good idea?

s2bu

"I can confidently predict the AT&T executives (and Time Warner ones too) will make whatever promises they're asked to.

Then they will go ahead and do whatever they were going to in the first place."

You forgot about the bribes, sorry, I mean "donations".

7
0

Penguins force-fed root: Cruel security flaw found in systemd v228

s2bu

Re: Hate systemd?

I love Slackware, I really do, but I moved to Void.

0
0
s2bu

Re: @Dan 55 right ..

Tell fstab to not auto mount it and then mount it inside the init script once everything is up?

9
0

IPv6 vulnerable to fragmentation attacks that threaten core internet routers

s2bu

Re: Clarification

Sounds like the issue then isn't really atomic fragments, it's badly designed filters enabled by default.

1
0
s2bu

Re: .

"If there's no DHCP just hard code an address as per IP4". If you're talking about 169.254.0.0/16, then that IS link-local! Well, IPv4's version of it anyway.

1
0

Oi, Mint 18.1! KEEP UP! Ubuntu LTS love breeds a laggard

s2bu

Re: Mint v Updating Windows.

WSUS Offline is nice, but for single systems try:

http://www.majorgeeks.com/files/details/windows_update_minitool.html

0
0

Anti-smut law dubs PCs, phones 'pornographic vendor machines', demands internet filters

s2bu

Re: Move along, there's nothing to see.....

Semi-automatic, really. Fully automatic is very very pricey since you can only buy them if they were made before 1986. And yes, there's a big difference between the two.

1
0

Citrix buys Unidesk for massive Microsoft Windows rollouts

s2bu

Re: Shitrix

XenServer is actually really nice!

0
0

Climate change bust up: We'll launch our own damn satellites if Trump pulls plug – Gov Brown

s2bu
WTF?

Revisionist history

"Well, I remember back in 1978 I proposed a Landsat for California ... they called me Governor Moonbeam because of that, so if they turn off the satellites, California will launch its own damn satellites."

Uh, no, that's not why at all:

The nickname was coined by Mike Royko, the famed Chicago columnist, who in 1976 said that Mr. Brown appeared to be attracting “the moonbeam vote,” which in Chicago political parlance meant young, idealistic and nontraditional.

1
1
s2bu

Cost

Taxes in CA are already insanely high. Instead of expecting the state's taxpayers to pay for all of this themselves, surely it would make fiduciary sense to team up with ESA, JAXA, etc? It's not like NASA are the only ones with satellites that are studying the climate.

3
0

Security! experts! slam! Yahoo! management! for! using! old! crypto!

s2bu

bcrypt

Not to be all pedantic, but the article says that bcrypt is "the best". While it's nice and all, Argon2 won the 2015 contest: https://en.wikipedia.org/wiki/Argon2

1
0

If your smart home gear hasn't updated recently, throw it in the trash

s2bu
WTF?

Security expert?

I admire and respect Vixie a LOT, he's a very sharp, very smart man. However calling him a security expert is kind of ironic, seeing that his BIND project has had a terrible security track record.

7
2

Why your gigabit broadband lags like hell – blame Intel's chipset

s2bu

Re: Other Intel Chip

The sad thing is Intel inherited the old DEC Tulip network chips which worked damned well. No clue what they did to the technically to reach this state.

I had two Fortville-based XL710 cards and two previous gen X520 cards. The Fortville ones (post massive recall) still had major firmware bugs that caused them to pull the firmware with NO way to downgrade (the upgrade made a backup but no way to restore it!), and both had issues with SR-IOV and their own embedded MAC filters. Trashed them and went with Chelsio and never looked back.

0
0

Hospital info thief malware puts itself into a coma to avoid IT bods

s2bu

Keygens

The better question is, do the keygens at least work, so that they at least get SOME positive out of this?

And surely any smart IT person runs a keygen in an isolated VM!

0
0

Apple unplugs its home LAN biz, allegedly

s2bu

Re: Apple reportedly exiting home LAN biz

Actually it does SNMP perfectly well. In fact, as far as I can tell, unless you have the fancy education-only utilities, SNMP is the one way to pull a list of connected clients from the AirPort.

One thing that I loved about the AirPorts is that they simply worked pretty reliably. Most cheapo APs seem to need to be rebooted almost weekly. The AirPorts seem to just work, although I have heard complaints about the mDNS on it being buggy. I'd like to think that it being NetBSD powered helped the reliability.

3
0

Lenovo intros monster disk box

s2bu

Re: Seagate by any other name

Looks to be slightly tweaked. The Seagate says 6Gb SAS while the Lenovo claims 12Gbps.

2
0

Harder, better, faster, stronger (apparently). The IronWolf goes Pro

s2bu

SAS?

A drive labeled "Pro" and yet no SAS option?

2
0

Ghost of DEC Alpha is why Windows is rubbish at file compression

s2bu

Re: Diversity not completely dead

Seeing as Debian dropped support for Alpha, are you really that surprised?

I imagine most are running Tru64, OpenVMS, or NetBSD.

0
0

Arch Linux: In a world of polish, DIY never felt so good

s2bu

Void

Agreed. I much prefer Void Linux, which hasn't been infected by systemd.

1
0

VMS will be ready to run on x86 in 2019!

s2bu

Tru64

On a completely side note... I'd pretty much give my left testicle for HPe to license out Tru64 development to an outside company. I'd LOVE to see Tru64 make a comeback. It's sad that they decided to continue their horribly inferior HP-UX instead.

4
1

Firefox to doctor Pepper so it can run Chrome's PDF, Flash plugins

s2bu

Re: unsafe at any sandbox

Or even better, Qubes OS.

0
0


Biting the hand that feeds IT © 1998–2017