* Posts by jon909

7 posts • joined 20 Apr 2016

Western Digital: And when I pull the covers off, behold as NAND becomes virtual DRAM


Ooooh yes, the oxford comma. I believe there's a funny sketch by Mitchell and Webb on that old chesnut.

Junior dev decides to clear space for brewing boss, doesn't know what 'LDF' is, sooo...


Re "meet “Bert”, who was working at a large brewing firm":

Anyone remember the game Beer Belly Bert's brew Biz?

Post-silly season blues leave me bereft of autonomous robot limbs


Foodvisor's crap AI

The App is a cover for a company wanting to tune its AI algorithms by getting end users to correct its mistakes. CAPCHAs have been doing this for years.

There is no perceived IT generation gap: Young people really are thick



Commodore 64 makes a half-sized comeback


I wonder what they're doing to emulate the SID chip.

City of Moscow to ditch 600k Exchange and Outlook licences



VXers pass stolen card data over DNS


Hackers only need to look up an A record to a (sub)domain they control. The victim's IP and credit card(s) can be encrypted and encoded into an ASCII DNS name eg ip.creditcard.comprimised.dyndns.org

The lookup might fail but the hackers' DNS server would have a log of the lookup or they could just reply with whatever data they want ie an IP thats really a fragment of remote command data.

Therefore remote command requests and replies wouldn't even need to rely on TXT records and any usual proxying and UDP/TCP filtering of port 53 would not help.

I guess the thing to look out for is to be suspicious of A records that aren't the root or www AND to clamp down on excessive lookups on the same domain.

Practical solution? Get payment service providers to host "secure DNS".

Biting the hand that feeds IT © 1998–2019