* Posts by DanielR

48 posts • joined 7 May 2015

Decoding the Chinese Super Micro super spy-chip super-scandal: What do we know – and who is telling the truth?

DanielR

The very people making the accusations like the NSA have been caught planting malware into Cisco hardware. The BMC have their own port and embedded operating system and web console seperate from the motherboard. I had one myself for a Sun server they called it Lights Out Management.

Nobody in their right mind would have this unprotected without behind a vpn / firewall. I can tell you this gets brute forced.

The level of effort for little gain is a dead give away. If the BMC isn't even connected then this hack is useless too. I am not sure if it's part of the motherboard or a daughterboard as the Sun server's was.

I can only presume it's seperate and "isolated" although it gives you full access to the server terminal like a keyboard and monitor. To configure the bios and power cycle etc.

But what is for sure they think because it's a remote console, and mention malware plant, they think people will automatically believe them. I want to see packet inspection logs !!

Better late than never: nbn™ DOCSIS 3.1 upgrade starts

DanielR

They claim the upstream has been the problem for years not the actual coax and Foxtel stealing most of the channel bandwidth !!

DanielR

I find it amazing. They are trying to implement snake oil to cover up the need to split nodes. Sorry, you are going to have to do that too.

This is not going to fix the connection problems I have experienced with both Telstra non NBN HFC and TPG NBN HFC.

Telstra - Extremely random disconnections without warning which could take anywhere between 3 hours, 6 hours or 3 days to reconnect !

TPG - Daily PPPoe disconnections. About 10 per day for 5 minutes each. Modem lights not flashing. You can't even login to a console to check a status with Arris.

Just reduce all this complexicity and provide full FTTP direct to a SFP port on an EdgeRouter FFS. Stop mucking around with experiments and provide a professional connection.

'Fibre broadband' should mean glass wires poking into your router, reckons Brit survey

DanielR

NO KIDDING. EdgeRouter-X SFP ONLY. I've been saying this all along.

https://community.ubnt.com/t5/EdgeMAX-Stories/EdgeRouter-X-SFP-is-Super-Versatile-for-airMax-to-Fiber-install/cns-p/1305124/page/2

Russia appears to be 'live testing' cyber attacks – Former UK spy boss Robert Hannigan

DanielR

The UK and the NSA are the masterminds behind cyber attacks themselves. They are not a credible source. Ransomware attacks using NSA malware have hit many of our government servers here. Because they are outsourced too.

Whois? Whowas. So what's next for ICANN and its vast database of domain-name owners?

DanielR

ICANN has been facilitating cyber criminals the entire time. There is no regulations on registrars whatsoever even though you pay the extortion fee to them and which isn't even quoted anymore so likely hiked. And criminals can buy up bulk domains with fake details. In the past it was using yahoo addresses. Now they can cover themselves up with private registration.

These criminals in the EU are a farce too. There is private registration. And they themselves collaborate with the US to commit mass hacking and spying and even hack each other although the US spies on the EU the most.

I still call for ICANN to be disbanded. We wouldn't have malware phishing sites if it wasn't for them.

Sysadmin hailed as hero for deleting data from the wrong disk drive

DanielR

Amazing story and very funny hahaha.

Must be Get Data Back. Not many can recover full paths and names as getdataback can.

4G found on Moon

DanielR

As if the snake oil radios scam couldn't be even more of a joke.

This explains the joke exactly. HD lol.

"The base station should be able to broadcast 4G using the 1800 MHz frequency band and send back live HD video feed of the Moon's surface, which will be broadcast to a global audience via a deep space link."

nbn™ to ISPs: share your speeds or we'll share 'em for you

DanielR

They have yet to expose they have stuffed up with the HFC gamble. After just realising hardly anyone is connected to it. No HFC lead in ? no NBN let alone no non NBN HFC. They have to dig trenches too.

DanielR

So they are going to release data exposing they stuffed up and the copper wires was always the problem ?

I have attempted multiple times to get information on the areas that got FTTP and they have refused. Trying to cover up their fraud.

So NBN. Be my guest. Expose how trashed the dialup tin can network is.

Massive US military social media spying archive left wide open in AWS S3 buckets

DanielR

I don't believe they scrape. I believe they exploit security holes in the Facebook API. They just need the profile ID.

Live blog: Fired FBI boss spills the beans to US Senate committee

DanielR

Voting machines have been hacked in many elections for years. I bet they have no answer why people were having Clinton being chosen for them or the voting count discrepancies ? They hack them themselves.

I would concentrate on the payments to Flynn from turkey and Russia instead. There was no hacking. The CIA and NSA are the cyber criminals here.

DanielR

Asking to cover up foreign bribery. This guy was taking payments from Turkey to influence foreign and military policy. Trump asks to cover it up.

Trio charged with $4m insider trading by hacking merger lawyers

DanielR

"The defendants are charged with targeting at least seven top international law firms with offices in New York, which advised companies on corporate mergers and acquisitions."

That mass spying is working well I see. Can't even allocate money to build up defences it all goes to spying on civilians.

Security! experts! slam! Yahoo! management! for! using! old! crypto!

DanielR

Execute the ignorance. But where would the salt be coming from considering it can't be stored as a config on the server and it needs to be recoverable for database lookups ?

I meant if that salt is stored in a config that would be the first place to look on the server,

Botched Microsoft update knocks Windows 8, 10 PCs offline – regardless of ISP

DanielR

I also tried drastic things like reinstalling the wifi client driver. Going into settings and choosing "Network reset" both fixed the problem temporarily. But then drops off again. Why would it be trying to refresh DHCP like that ?

DanielR

That's it. What a head fuck nightmare. I was trying to fix someones issue. The router is crap and provides no detailed logs. Neither does windows.

It would fail to connect to wifi so unlikely able to get IP after authentication.

So static ip is the way to go.

#Censusfail Australia: Not an attack, data safe, no heads to roll

DanielR

They mentioned router fell over, which means their only hardware load balancer fell over with no backup.

The choice of server software is not going to scale well either.

IT analyst: Oz census data processed as plain text

DanielR

OK people. Here is in point form what I consider a maybe breach of security and privacy. Pretty much setting up people to be targeted not only by corporations but criminals.

1) name

2) address (they ask about the address multiple times even though the code and form has the address in it. lol

3) How much they earn

4) The workplace name

5) The workplace address

6) A persons business name.

I don't believe there is a single question in here that is useful whatsoever for planning. A massive waste of $500 million. A wasted opportunity.

We should see truthful information here like how much people spend on food, debts with banks, debts with utilities, how shit their faulty copper NBN is, housing affordability, multiple pages on health, etc etc.

The bulk is asking useless information that breaches personal security and has no worth whatsoever other than corporate and criminal interests.

The Christian lobby will find it useful where to attack and infiltrate next in areas with large amount of "no religion" responses.

DanielR

If they want to embrace technology in this "digital government" they should be using blockchain. Countries like Estonia use this for voting and government stuff.

The system is not secure whatsoever. No bot should be able to access it for instance. They have remotely loaded javascript and the client code is not scrambled.

I chose paper. They want very detailed information not just name and address, but names of people not at home. Name of employer, their address, the name of your business then of course how much you earn. No relevance to "planning" whatsoever.

Sure outsourced ATO companies now get all this info so more chance of breaches but so will criminals.

No questions whatsoever about health, debts, housing, internet.

DanielR

Take note unscrambled javascript. Everyone can see it. Not secure whatsoever.

I already told them about that. And they did the same mistake as the I-vote system and remotely load jquery files on the google cdn haha.

The Australian Bureau of Statistics has made a hash of the census

DanielR

Someone mentioned BOM. Their cloud servers were infiltrated and hacked by the Chinese. This will be the same.

DanielR

Damn Straight.

"If two data sets – the Census and the Pharmaceutical Benefits Scheme, for example – contain enough data points to consistently identify me, then a hash of that data would work just as well for anonymous analysis.

Richard Chirgwin with a date of birth and an address will produce the same SHA-256 key (c2483d63179b71b37334f730385272c81b5d6bd3ae6edffb49234cfeb7f7d9a6, I just tried it) no matter the source system – but the hash cannot be reversed to deliver my personal data."

Hash keys as I've been carrying on about.

The fact they made an excuse about using names as keys proves they need it for corporate data mining and scope creep.

The fact they can't manage and design databases properly proves how hopeless they are.

Then the data breaches come rolling in.

Telstra's CRM system breached competition undertaking: ACCC

DanielR

These mafia thug criminals are not only thieves of public money but a security risk.

Australian government urges holidaymakers to kill two-factor auth

DanielR

If Mygov is one massive outsourced security hole full of sql injection exploits I wouldn't expect anything less.

Sued for using HTTPS: Big brands told to cough up in crypto patent fight

DanielR

PATENT TROLLS ARE HOPELESS AND THIS IS HOW THEY TRY AND MAKE THEIR MONEY. THEY ARE LUDDITE. I HOPE THEY GET COUNTER SUED FOR WASTING TIME.

It's almost time for Australia's fibre fetishists to give up

DanielR

Until it rains and you have to wait weeks for a repair like you do currently. Businesses have had to wait months for line repairs. "Up to" is also a scam. You either get it 24/7 or you don't.

I will be paying the extortion costs of $3000 to get fibre connected.

They will be not replacing the telephone line, you know the one that causes most people's problems to the pits. They re-patch you at the pit to a non noisy line that goes to the pillar. I don't doubt for a second there is any usable lines left.

Stop kidding around, unless we're talking ethernet cables as copper. 100 year old cables in my circumstances you have to be kidding me !

Also to rejog your memory

https://delimiter.com.au/2012/04/30/fttn-a-huge-mistake-says-ex-bt-cto/

https://delimiter.com.au/2012/06/29/330mbps-bt-extends-fibre-from-node-to-premise/

BT is moving to FTTP. Only 1% of users can get 75mpbs . JOKE ! Disruptor and economy killer !

Telstra passes on NBN billions, plays it safe

DanielR

Not even Telstra want to go into the hornets nest because they know.

DanielR

Good at economics I believe. This is what Turnbull has given you just to avoid fibre. Replacing the copper with copper. ADSL services.

New NBN build plan full of linguistic holes that will explain away delays

DanielR

It's so they can say something is happening without doing much at all. That is why they bought back the HFC which was due for being decommissioned. To slap something together and call it an NBN that has no upgrade paths to fibre or will have to be upgraded to fibre at more costs.

It's electoral fraud.

NBN cost blows out by at least AU$10bn and FTTN isn't launched yet

DanielR

The man has absolutely no credibility whatsoever and has absolutely no idea what he is talking about.

What they do have an idea about is under estimating their costs to take to an election of course !

They won't deliver, they blasted all their money on the HFC buy back, they will need billions to setup new infrastructure to accomodate deprecated assets, there will be no money left for Docsis 3.1 or Gfast which they said from the start it would be a future upgrade. Which will never happen because they will be kicked out by then.

They will be kicked out and we will get fibre again.

NBN Co yet to make a single fibre to the node connection but is eyeing off G.fast

DanielR

Do the UK have GFast installed already ? You know the scammy noise reduction technology because noise is prevalent to begin with ? If so they found only 1% of users can reach 75mbps. Con job much ?

I believe all these fancy upgrades for redundant technology is a waste of time and money considering it will not benefit much at all.

HFC is a problem because Foxtel consumes 60% of the channel bandwidth. They would have to take channel bandwidth back to give us 1gps and that is 1gps "whenever it's available" The whole thing is going to come crashing down when they force people from crappy copper to more expensive cable.

Fixed wireless so many people I hear complain they can't get connected because they are not in line of sight so a massive hopeless scam. Stop gap measure and an abomination let alone insecure and no doubt noisy too ?

Telstra offers six explanations for its dud Netflix rating

DanielR

Telstra's SLA is Foxtel and voice first only. They couldn't give a damn about internet let alone fixing a downed connection in a timely manner, more like expect weeks downtime. Why else are people stuck on dialup technology and copper ;)

Great, we all want 5G mobile broadband. Now just how are we gonna wire it all up?

DanielR

They need to stop this fantasy that LTE will replace fibre. Stop mucking around and provide fibre to all premises should be the goal.

We all know how crap wifi is for starters. The noise is just almost impossible to deal with and an abomination. I will be wiring up my house with ethernet !

Mobile data is insecure also not just unstable , and can't scale.

The slow strangulation of telework in Australia

DanielR

on HFC too but not timeouts just completely disconnects when it rains. The connection issue takes out the modem which needs to be rebooted, the bridged ip console becomes unresponsive !.

Not entirely helpful for someone who doesn't know what they are doing.

I have to send large projects that I rar up of course. If Im waiting to receive a delivery from an ADSL connection it could take days. rar projects could be between 200mb for sound mixes crunched up to gb's. Sending on HFC is much faster than ADSL but still sluggish even using btsync.

If you use dropbox for instance, I believe it is uploading to S3 virginia therefore regular timeouts and very slow compared to uploading to S3 sydney. Use bit torrent sync always.

I cannot wait for the day for 1000/1000 business needs this ! Business also needs a connection that stays up especially when it rains ! I have lost time and money dealing with downed connections in the past.

Fujitsu shrinks SMB file transfer metadata traffic jams

DanielR

CIFS + SAMBA == VPN right ? Network shares over WAN farout.

I saw this possibly differently. Could this not open up to other areas like HTTP ?

Excuse the ignorance. It did say cloud, therefore files served over CDN's. Segmented files for instance therefore Mpeg Dash speed up ?

At least how CDN's handle fils but S3 is an object system so maybe this doesn't relate to them ?

United Nations sends peacekeeping forces to Internet of Things war

DanielR

Obviously no mention of security. That is going to work out well for them once people get their devices turning on remotely because it's open to the public through their routers. Or sensors going nuts because someone has jumped onto the insecure wireless communications. All this needs to be taken into account. I don't believe any access should be opened up unless it's ip filtered.

Kaspersky says air-gap industrial systems: why not baby monitors, too?

DanielR

I believe the issue with the baby monitors is that crappy home routers are designed to open upnp ports which is exactly what was happening. Turn that shit off and don't use crappy routers.

This is the problem. Most people are supplied crappy routers trying to promote AC wireless as something that will improve their internet speed on their crappy copper when in reality their machine probably can't even work on AC. People don't upgrade their firmwares and neither do the ISP. It's their job to maintain them I reckon unless it's BYO.

I use a wifi passport generator and then to get that onto devices I use QR code readers. Getting the password onto the PS4 is still stupid though ! Turn mac address filtering on too.

Is that a graphics driver on your shop's register – or a RAM-slurping bank card thief?

DanielR

Is that how they did it !

And guess what ? They put one single lone guy to the task to track down the Bulgarians who did it.

Says it all while the NSA are concentrating on spying on their own population they leave the country exposed to cyber attacks and all that black hat firepower can't even thwart them. National security my ass. Cyber security is a national security risk obviously.

This is down to a few things.

Windows XP. POS systems connected to other windows systems on the network and not isolated. Surely there has to be a way to fully isolate everything and should never be connected to other windows machines on a LAN !

Obama issues HTTPS-only order to US Federal sysadmins

DanielR

Black Hat Barack ! classic !

Didn't they brag about cracking SSL and VPN encryption ? Is this an irony ? Are they bluffing ?

These black hat criminals are certainly sick that is for sure.

Undetectable NSA-linked hybrid malware hits Intel Security radar

DanielR

Hence why the NSA are one of the biggest blackhat cyber criminals on the planet.

Australian government sun to set on NBN funding

DanielR

They've messed this up big time intentionally to kill fibre because australia can't have nice things. Meanwhile murdoch is still losing money, his plan just made things worse for himself.

They do not intend to upgrade to Docsis 3.1 on HFC. They used up most of their money buying the HFC which goes down when it rains mind you. They are paying some american company on top to maintain it and from reports saying to upgrade to Docsis 3.0 when we already have it lol what ?

Your reports about bad signal for fixed wireless LTE is not surprising i'm afraid. FIBRE is the only way.

According to Netflix, Australia's slowest ISP owns half of Foxtel

DanielR

100mbs HFC here, but in reality 115mbps with my router because i'm bridging to an edgmax, don't use their crappy routers ever they are insecure and have all firewall features turned off !

However it goes down when it rains so a pile of crap. It also went down for half of sydney 4 months ago for 6 hours , no media report and total silence from them.

'The Internet of Things is like the Cloud 8 years ago' ... Boss of Dell's new IoT biz spills beans

DanielR

JOKE

Celeron ! sounds like crap. Get an edgemax ! routing is fully hardware accelerated !

DanielR

Edgemax Lite $130 better value for money

My tiny edgemax lite only cost $130 also and runs less than 8w !

NSA eggheads tried to bork Nork nukes with Stuxnet. It failed – report

DanielR

Meanwhile they keep getting infiltrated with malware by china and getting their military secrets stolen. The latest was at a university no doubt chinese spies. they need to do a better job isolating machines on a LAN to prevent the bloody thing gaining access further up the chain. Or stop using windows for starters.

Death-to-passwords FIDO Alliance finds a friend at DOCOMO

DanielR

No e-commerce on the phone

Only a fool would attempt to do e-commerce on your smart phone. It's not secure at all. Phones are public facing and have no firewalls you'd have to be an idiot to participate. And governments have been going hard trying to get malware on phones. All it would take is for that iris signature to be sniffed.

I think it's a great idea but cabled into a computer or part of a computer that doesn't have malware built into the hardware of course and behind a firewall.

AGL trumps Tesla with batteries-and-solar-cell package

DanielR

Not what it seems. Wolf in sheeps clothing.

AGL have run an effective fraud campaign with the government to kill carbon pricing and therefore kill the industry and competitors. Meanwhile all this is happening they get corporate handouts from the government like most miners do to keep them afloat.

They want to run a monopoly. While competitors start dropping off with the help of the government they are quietly setting up their own solar farms. They a utility they don't want off grid. They want to of course control everything.

Biting the hand that feeds IT © 1998–2019