DEFCON is cancelled
Which means that the long running joke is now cancelled?
In other news, thousands of hackers fly into Vegas assuming they're being punked with the DefCon Cancelled announcement, only to find out it's true this time around!
3172 posts • joined 12 Oct 2007
True; while I managed to avoid it, I finally came down with the CON-Flu in the aftermath of DEFCON26 (Aug 2018). It also managed to hit me right during my return flight. Dealing with customs and waiting for baggage claim at my home country while getting sick is not a nice experience.
I do wonder if regular con attendees have developed a super boosted immune system?
I was shitting bricks over this, as I was going to have to spend a lot in getting a 5 year renewal (or more if possible) of my existing .org domain to give me at least some breathing space and see if I could migrate away from that TLD. I chose to make my main domain a .org precisely because it was less likely to get price gouged at all. Fortunately, this scam was stopped.
I still wonder if selling off RSA was a good idea, given that everything related to infosec is gaining value, but I guess Dell (the man) needs to keep the Icahn at bay.
It is however interesting to see that Dell's bet on staying in the personal computer business has paid off, unlike others like IBM who sold their entire personal computing stuff to China.
The problem is ... both.
The GPL is designed to act like a virus, infecting everything it touches.
Oracle is known for being awful on these kinds of things, even if you don't count the whole Java API fiasco.
And then the CDDL itself was purposefully made incompatible with the GPL.
Oracle also closed-sourced ZFS at some point so there are now two branches: proprietary ZFS by Oracle and OpenZFS by BSD. AFAIK OpenZFS is still stuck on the CDDL license.
StarTac probably didn't make it to the UK due to it being an analog phone (AMPS/NAMPS) released at a time when the EU had already jumped to GSM.
As for iPhones: I just upgraded from the 5s to a 6s. Why? Because the 6s is the last one that has the jack, and the 7 and 8 are still stupidly expensive at this point. And the X is already a non-starter as it removed the Home button and it has that horrible notch thing. I can cheer for Apple though, thanks to the X any non-X iPhone user is now less prone to being mugged or getting their phone stolen. The X is now the ultimate "mug me, I'm rich!" sign.
Other than that, I find it really dumb to splurge so much money on a smartphone. Especially when it's ugly.
Well, the old school Blackberry OS did have quite a number of apps, and at some point they were very useful for everyone. But they fumbled because the Blackberries were horribly underspecced and the "classic" OS was slow as hell. By the time they pushed out BlackBerry 10 it was too late, and their "clean slate" approach to apps (instead of offering a migration path) pretty much doomed them at a time when iOS and Android were taking the top spots for devs. Had they released BB10 back in 2009, when they were still one of the top players, they might've survived.
Hell, Nokia was on the right track on this; they were improving Symbian and cooking up a Plan B OS (Maemo, Harmattan) in case Symbian didn't survive. They were even looking into a migration path from Symbian to Maemo/Meego/Harmattan. It wasn't until Elop came in and set everything on fire that Nokia went down hard. All because Elop had to Borg Nokia for his Microsoft masters. Fortunately Nokia was able to jettison the diseased arm before it took them down.
But then, there's many of us who don't give a crap about apps. We just want a mobile phone to use as a phone, not some dinky, overpriced, portable computer.
That doesn't counter the previous user's comments though. He specifically mentioned a Smartphone, not a regular phone. If you want just the phone part of the thing, that's what feature phones, or even dumb cellphones are for. They're even coming back, through the revived not-quite-Nokia resurrection which is now free from Microsoft's claws.
There was some experiment a couple of years ago (2010) where whoever owned the 188.8.131.52/8 block experimented with advertising the 184.108.40.206/24 and 220.127.116.11/24 routes to the 'net. They got hit with a massive flow of garbage traffic due to these kinds of stupid configs. It was so bad that they had to give up using those blocks. Wonder if that has been "solved" recently?
> And where does your DNS get its resolution from? What is its parent? Or are you one of those muppets that are hammering the root servers directly?
Proper DNS implementation should be hammering the root servers directly. The only time you should be using a "parent" DNS is when you have your own complex DNS infrastructure inside the organization. Most orgs only have one or two DNS servers, in which case using the root.hints is the proper way of doing stuff.
Ok, my previous comment may have sounded like unfounded hate for the platform ... but that wasn't the case in the beginning. Remember HPCs? Those sounded awesome, and that was what Windows CE was made for. I even owned an HP Jornada at some point, which was pretty good for its time. I was more of a Palm guy myself, but those ceased to be good when they went WinMo. The HP Jornada, however, never ceased to be good.
I actually think that the downturn came around the time they decided to morph Windows CE into Windows Mobile. From there they started doing weird things with the platform, then decided to kill it and create Windows Phone ... and everything from there was just pure crap.
I had quite a number of friends using Windows Mobile phones, mostly latecomers to Palm and a couple of pre-Android Samsung handsets. I only got to see a single person using a Windows Phone handset, and he hated its guts.
Their mentality was as though they had dominance. It was so arrogant, it was embarrassing. One of the (many) things that's made me move away from Windows development.
They're used to that arrogance; somehow they don't realize that outside of the desktop/laptop PC OS and office productivity software, they're far from being the predominant player.
See how they pissed away their market share by trying to pull off the DRM fiasco and then ram Kinect down everyone's throats. By the time they relented, it was too late and the PS4 was outselling them 2:1. Even the Switch has sold more units, and that platform was released years after the XBone(d).
Agree with everything but this:
> Kill Windows Mobile which with proper development would have been a major competitor for Google / Apple
Nope, Windows Mobile was a stillborn platform. Only Microsoft could believe that anyone would voluntarily get suckered into "that shit OS that always crashes on PCs". They went through many iterations of it and all of them failed. Windows CE. Windows Mobile. Windows Phone. Windows RT. The only thing where they succeeded was in killing any sucker that bet on the platform for their hardware: Sendo, Palm, Nokia. At least Nokia was able to jettison the diseased post-Elopocalypse crap before it took them down.
> If you even remotely care about security, you’ll need to check the client certificate at the firewall
You can't do that unless your firewall is performing a man-in-the-middle attack on the session - that is, spoofing a false server certificate back to the client, which the client is configured to trust.
Both are sort of right. You can check both client and server certificates at the firewall, because at that point, the communication is still being made in cleartext. Certificate exchanges are sent as part of the initial handshake. Firewalls are capable of MITMing stuff... however, parsing an X.509 certificate and validating it is going to be resource intensive. It's less the job of a regular firewall and more of an IDS/IPS thing, and even then it's going to be so resource intensive that it'll slow down all outgoing traffic. Why? Because you'll need to check all outgoing traffic, see if it's an SSL/TLS handshake, then check the handshake itself, parse the X.509 certs, validate them... you get the idea.
This is going to suck, because the only way I see this being mitigated is by forcing all traffic to go through proxies, then having those proxies offload all CONNECT requests to an IPS. There's a lot of software out there that shits itself whenever you try to make it go through a proxy...
The certificate contains the data because that way, you can initiate a TLS connection, have it fail and the firewalls and IDS/IPS systems will only register a failed connection. However, the data dump will already have been sent.
It's sending information on a channel nobody's expecting to actually contain data.
OSX user here, and it's a vulnerability. It's probably somewhat mitigated in the sense that setting a password for root plugs the hole, but it's still an embarrassment. Not sure if it's remotely exploitable, which would be bad. If it allows for su - without a password, it's probably bad, but it would still require someone to log in with a valid username/password before exploiting it.
If someone already has physical access to the system, there are larger issues at hand.
I knew I couldn't be the only one mad at this change. I actually held off upgrading to El Capitan because of it. Ended up jumping from Yosemite to Sierra in April because APFS was actually piquing my interest. I didn't really expect it to be released with these kinds of bugs, though.
> Mobile operators have been clinging desperately to physical SIMs in order to prevent customers from switching easily.
Quite the opposite. Mobile operators would love for someone to make non-removable SIMs a thing as that would mean they would get handset lockdown for free. That's what used to happen in the pre-GSM world, and what has been going on for decades in the US with the horrible CDMA carriers.
I hope this crap doesn't take off, because the moment this jumps into GSM handsets, operators will lock 'em down hard. And all because Apple has to keep their control freakery alive.
I've got a 5s as well, and it still works pretty well; I got mine in 2015 as I didn't want the monster sized screens. It still works, the only caveat being the 16Gb storage (should've gone for 64Gb) but other than that, it works. And yes, I've got the latest iOS version installed.
Compare to my wife's Huawei, which is sluggish and keeps crashing even though it's just a year old.
Honestly the only ones I haven't seen go bad are the Samsung phones. Most cheap Android devices just stop working as intended after the first year.
> Light years ahead of anything Windows can do.
Everything is light years ahead of anything Windows, period.
As for snapshots, that's available on ZFS too, mostly because btrfs was originally born as an Open Source equivalent to ZFS, mostly sponsored by Oracle. But then Oracle bought Sun and they got access to ZFS, so btrfs was "no longer important". :(
I did try btrfs at some point, but it just didn't work well, so I had to move to ZFS. The latter is supported on pretty much every single OS except Windows (again, everyone's light years ahead of Redmond's OS) so it also serves as a multiplatform FS.
For a start. The very founding principle of ZFS (that many people forget) is that it was designed as, and continues to be maintained as a JBOD DAS file system.
This is actually a feature. You simply stick disks into your system, and set up zpools with RAIDZ1/2/3 instead. You'll get exactly the same functionality offered by RAID5/6, but without the dependency on the RAID controller. Ever had a RAID controller failure? Back in 2009, I found out that fakeraid controllers do weird stuff and thus their "RAID" arrays can't be read by other controllers, only the ones from the same brand/chipset you originally used.
ZFS pools can be imported to any system and will always work.
So yes, I'd rather have ZFS on raidz2 than a RAID controller that might leave me SOL if it breaks down and I can't get the same chipset when it does.