* Posts by o p

17 posts • joined 11 Oct 2014

Baddies linked to Iran fingered for DNS hijacking to read Middle Eastern regimes' emails

o p

Re: Let's Encrypt used by shenanigans... what a surprise

If you don't want Let's Encrypt to issue a certificate for your domain, you can block them (via DNS!). The issue here is DNS hijacking. It seems fairly easy to understand that once you do not control name resolution for your domain it's complicated to discuss privacy, security etc., whatever the protocol or tools.
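The DNS-based block mentioned in the comment above is presumably the CAA record (RFC 8659); that reading is an assumption, since the post does not name it. As an added example, not part of the original post, this sketch applies the CAA issuance rules to a constructed zone (the `ZONE` data and function names are hypothetical, and CNAME chasing is omitted):

```python
# Constructed sample data: owner name -> list of (flags, tag, value) CAA records.
ZONE = {
    "example.com": [(0, "issue", "digicert.com"), (0, "issuewild", ";")],
    "shop.example.net": [(0, "issue", "letsencrypt.org; validationmethods=dns-01")],
    "example.org": [(128, "futuretag", "x")],  # critical flag on an unknown tag
}
KNOWN_TAGS = {"issue", "issuewild", "iodef"}


def relevant_rrset(domain, zone):
    """Climb from the domain towards the root; the first CAA RRset found wins."""
    labels = domain.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        rrset = zone.get(".".join(labels[i:]))
        if rrset:
            return rrset
    return []


def issuer_of(value):
    """The issuer domain is the part of the value before any ';' parameters."""
    return value.split(";", 1)[0].strip().lower()


def may_issue(ca_domain, domain, zone=ZONE):
    """Return True if a CA identified by ca_domain may issue for domain."""
    wildcard = domain.startswith("*.")
    rrset = relevant_rrset(domain[2:] if wildcard else domain, zone)
    if not rrset:
        return True  # no CAA anywhere in the tree: any CA may issue
    # A critical property (flag bit 0x80) the CA does not understand: refuse.
    if any(f & 0x80 and t.lower() not in KNOWN_TAGS for f, t, _ in rrset):
        return False
    issue = [issuer_of(v) for _, t, v in rrset if t.lower() == "issue"]
    issuewild = [issuer_of(v) for _, t, v in rrset if t.lower() == "issuewild"]
    # issuewild, when present, replaces issue for wildcard names only.
    props = issuewild if (wildcard and issuewild) else issue
    if not props:
        return True  # RRset has no relevant property (e.g. only iodef)
    return ca_domain.lower() in props  # a bare ";" yields "" and matches no CA


if __name__ == "__main__":
    for name in ("www.example.com", "*.example.com", "shop.example.net"):
        print(name, may_issue("letsencrypt.org", name))
```

The CAA record is itself served from DNS, so it gives no protection once an attacker controls resolution for the zone, which is the comment's point.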

Florida man stumbles on biggest prime number after working plucky i5 CPU for 12 days straight

o p

There is also an infinite number of even numbers.

Prime is in P. I do not find it intuitive. Maybe you do?

FYI: Drone maker DJI's 'Get it on Google Play' website button definitely does not get the app from Google Play...

o p

maybe it's true

Maybe one of the devs found it complicated to go through the store process and explained it was faster to make the APK available for download.

The image for the link was not changed simply because they didn't have another available.

I have no difficulty believing this mix of stupidity, incompetence and carelessness, I see it every day.

Here you go, cloudy admins: Google emits NATty odds 'n' sods

o p

only now?

But how was it possible to use anything on GCP before these NAT gw? Was it like EC2 legacy?? No VPC, public IP addresses everywhere?? Looks like they are in 2005..

The off-brand 'military-grade' x86 processors, in the library, with the root-granting 'backdoor'

o p

Re: For those who happen to know where a cash machine running a 15-year-old C3 might be found

Sonicwall 2040. Still running.

Artificial intelligence... or advanced imitation? How DeepMind used YouTube vids to train game-beating Atari bot

o p


It looks like they just copy the actions of a player making the best moves, and compare the result with the "average" player: the reward is based on a comparison to the frame of the best move at the same time for the same game.

A real "learning" would consist in training on a variety of games but performing on a different dataset (different games). For me it looks like they just overfit on a specific game.

Beware! Medical AI systems are easy targets for fraud and error

o p

new programming

This is a new way of programming. Developers of sendmail did not bother about anything but relaying emails.

Is it possible to control Amazon Alexa, Google Now using inaudible commands? Absolutely

o p

for images too

There is a series of "deception challenges" on Kaggle like this one:


You have to modify an image so that a human won't notice the difference but certain classifiers will be fooled.

But deep learning is not the only victim. For ages English people have asked me about the kind of "messages" I am looking for or to repeat some Peter Sellers lines..

NotPetya ransomware attack cost us $300m – shipping giant Maersk

o p

Re: Easy to mitigate

NotPetya used admin logins. Not vulnerabilities.

It was installed by sysadmins. It did not use internet access.

None of your procedures would help. Not a bit.

GitLab invokes the startup defence to explain data loss woes

o p

Re: Lucky!!

1/ lvextend, resize2fs

2/ vg is full

2a/ physical server: replace first raid1 disk with a bigger one. Wait for sync. Replace 2nd drive. Create new array. pvcreate, vgextend, go to 1/

2b/ virtual server: virsh attach. pvcreate, vgextend, go to 1/. Or shut down, take snapshot. Create bigger volume. Swap disk in VM. Boot. fdisk. pvresize. Go to 1/

3/ fix the crap and/or provision more storage.

4/ by the way: check backups are still working

Dirty data, flogged cores: YES, Microsoft SQL Server R Services has its positives

o p

The median for example


o p

Re: A simpler solution?

Won't protect you from keylogger, camera + microphone hijacked, unencrypted memory access, graphics card, unencrypted network communications, USB storage access... no, running a VM on a compromised hypervisor is not a good idea.

Mozilla, EFF, Cisco back free-as-in-FREE-BEER SSL cert authority

o p

Re: So how will this work?

Yes but we don't have the details of how it will work.

They say: "enabling HTTPS for your site will be as easy as installing a small piece of certificate management software on the server".

If this means that a daemon runs on your server, generates private key + CSR and sends it to a CA, it is very likely that the "management software" will be exploited, sooner or later.

Let's assume it updates itself automatically - a "best practice" nowadays - it will be out of the control of the admin of the server.

You can argue this is already the case with many components on the client and server side, so maybe one more will not make a huge difference. But from the paranoid point of view you can't accept it as a really secure solution.

o p

Re: A major obstacle to encrypting everything

No, TLS is a requirement for SNI support, but it is not enough by itself. There are clients which support TLS but not SNI.

o p

Re: Sni limitations.

I manage several sites with audiences in Europe, the US and Latin America; IE8 / WinXP traffic is still something you can hardly discard because "they should upgrade".

I suppose it would be even much more the case if we had customers in China. And I would like very much to have customers in China, and I would certainly not prevent them from paying for content because their browser is not SNI capable.

o p

Sni limitations.

SNI is not supported by IE 8 / Win XP (which supports TLS). It can make up a significant percentage of your audience.

So if you have a merchant site for example, this is not always something acceptable. Note that you can use a single certificate with multiple alternate subjects, but it is not practical for mutualised hosting.

If these certificates are not signed by an authority already installed in more than 98% of Web clients, the whole thing is pointless.

Microsoft confirms Surface NOT DEAD YET, next-gen version coming

o p

Re: ...or what it might look like.

I have one. I like it, even with Win8, the weird keyboard and the impossibility to replace the battery.

Unlike an Android tablet it's a real PC and it's lighter than most laptops, with a great screen and a good battery life.

The main issues are the price and the locked container. No drive / memory / battery swap. Maybe they will fix it on the 4th generation.

Biting the hand that feeds IT © 1998–2019