* Posts by Chronos

1257 publicly visible posts • joined 21 Oct 2007

Page:

Western Digital drive is DRM-crippled for your safety

Chronos
Stop

Safe harbour?

As far as I can see, WD *have* to do this. They may not be a common carrier (look it up) and may not be protected by safe harbour. I know we're talking about US law, but WD is a US company. IANAL, of course, but this is basic arse-covering law that every sysadmin should know.

A huge FUDpile over one little move to protect themselves whilst still providing a useful service to those who need, say, to access technical manuals on the move from a pitifully small hard disk equipped "corporate" laptop. Read the damned articles on it: It's not stopping YOU from accessing anything, whether that be over MioNet or your own LAN. It's stopping you from turning WD's MioNet (they have just Borged it. Read the "about us" page http://www.mionet.com/about/overview.jsp) into the next big copyright infringement site which, as far as I'm concerned, is a totally acceptable, even necessary, thing for them to do. In fact, they have been very generous (or foolish) not to include .iso and cue/bin in those restrictions. I know I would have.

Micron takes on solid state drives

Chronos
Go

Re: Units violation alert.

Absolutely. I also think we should consider the DFOP as the standard El Reg unit of data storage capacity. Directories Full Of Pr0n makes it easy to visualise how useful these things will be in the real world.

FAST cracks down on pirates near Penzance

Chronos
Stop

Penzance?

Redruth is nowhere bloody near Penzance. Penzance is in the hundred of Penwith, whereas Redruth is in the hundred of Kerrier, not really known as the hundred of piracy. It's actually better known for another activity.

Camborne School of Mines, arguably the best mining academy in the world, is located in Pool, halfway between Camborne and Redruth. It also boasts the last operational Cornish beam engine (and the father of steam locomotives, Richard Trevithic. Stevenson who?). It's more likely that this "piracy ring" were data miners in Kerrier. I'll get me coat...

Ubuntu laptop clan trapped in hard drive hell

Chronos
Alert

@Anton

It's not the spin down that's the problem. It's parking the heads every few seconds, then re-loading them to the disk, a problem particularly with those drives that have an "off ramp" for the heads to park on I'd imagine. The SMART attribute for this action is 193 Load_Cycle_Count.

And no, this isn't an Ubuntu problem. FreeBSD on a suitably equipped laptop leaves the APM alone as well, leading to attribute 193 incrementing every few seconds and the tap-whir-tap-whir noise from the hard disk. sysutils/ataidle is the cure here, using the -P 254 flag. It's similar to the solution proposed by Linux-Hero with hdparm -B, although 255 doesn't work for some hardware and you're better off using 254.

Nor is it new. Here's a link to some poor bastard in 2004 with five hundred thousand head load cycles on his hard disk. Not surprisingly, it has failed SMART.

http://osdir.com/ml/utilities.smartmontools/2004-07/msg00072.html

Macs seized by porn Trojan

Chronos
Stop

Re: @cronos

"To state the bleedin' obvious to anyone who's actually read the article, the software does not AUTO-Install via the browser, QuickTime redirects to a site with an alledged codec and "The Trojan requires victims to enter the administrative password for their machine"."

One word: COBBLERS. The browser (not bloody Quicktime, it's a bogus message the browser is fooled into displaying), even when redirecting to another site and asking for root privs, is not telling the user exactly what he or she is installing. It is, in effect, saying "you need this bit of binary blob to view your smut and I approve wholeheartedly of the use of it" which is somewhat different to your scenario of the user saying "whoa, a root password prompt! WTF?" They're probably so used to MacOS asking for root privs at this point that it hardly registers any more. Yes, Ubuntu et al also do the same thing. It's still wrong no matter who does it and it is my opinion that MS have inherited this idea of UAC *from* the OSS world. In fact, MS's implementation is a little better; at least it warns the user of the possible consequences of supplying the administrative credentials. irrespective of the fact that most Vista boxen have null Administrator passwords.

OK, so the trojan poses as a Quicktime codec. The user should simply think "WTF? Quicktime's already installed" and suspect the worst? Nope, because they're trained by a lax security model to be guided by the machine making assumptions instead of the correct method of ensuring their machine does as it is told and no more. And that, my friend, is the whole point: They've got it wrong. Again.

This is endemic in the software world. Firefox, the OSS posterchild of security, does a similar thing on multiple platforms with its plugin finder, although this uses a central point of known values, as opposed to the site "requiring" the binary, to locate the appropriate software. A bit better, but only by a small margin. To quote the infamous spam solution reply form: "why should we trust you or your servers?" Konqueror, from which webkit evolved, doesn't do any of this at all. Most amusing.

Another little heads-up for the Mac users affected by this: Open a console and type "man resolv.conf" to learn how to remove the bogus DNS entries manually. It doesn't matter that the DNS textboxes are greyed out on the advanced networking applet. If you remove the bogus servers from /var/run/resolv.conf (yes, /etc/resolv.conf is a symlink) after blitzing the DNS check from crontab (removing whatever executable is referenced by that entry with "rm" would also be a good idea), you'll be cured and you'll also understand the underlying system a little better.

That's not to say I don't expect the vast majority to just dig out their installation DVD and start holding down C, another thing Microsoft has given us which will haunt us for decades to come. Be thankful this is a simple trojan and not a rootkit. For the same effect and much more fun removing the infection, just think of the hilarity that would ensue if the malicious site replaced dhclient with a modified version that rewrites resolv.conf with these bogus servers every time the lease renews. "chflags schg /sbin/dhclient" (assuming a UFS filesystem, I have no idea whether this works on HFS+) is a 99% sure prevention of this attack vector, but what are the chances of people listening? Even then, adding "prepend domain-name-servers ns.example.invalid ns2.example.invalid;" to dhclient.conf will achieve the same results but be a little easier to get rid of. This is all off the top of my head, of course. There are 101 ways to attack the securest of boxen; it just takes fooling the operator to effect 100 of them. Vendors supplying more and more ways to fool said operator is just plain short-sighted so, although I seem to have digressed, this whole rant brings us back to the point I tried to make earlier: The OS vendors are actively contributing to the ease of socially engineering root credentials from their users.

Oh, and it's Chronos. With an "h" and a capital "C". Not that you didn't already know, of course. The quality of trolling in these comments seems to be at an all-time low, amanfrommars excepted of course.

Chronos
Flame

crontab...

...the damned word is "crontab" as in cron(8) tables. I know it's probably a typo (yes, I have Cumberland sausage fingers too), but I really think that it's worth pointing out so that anyone on a Mac box can launch the console and type man crontab to find out what the hell we're all talking about and maybe even learn how to get things out of the crontabs for themselves.

Now, even if Microsoft Windows' days as the dominant OS are numbered, which I sincerely doubt at this point, it looks like it's business as usual for VXers. Of course, that also means SNAFU for us.

I hope Apple have learned a valuable lesson from this: Make something too simple (such as auto-installing software via the browser) and you get smegups like this creeping in because you're actively discouraging thought on the part of the user. EXACTLY the same mistake MS made and continues to be punished for, for example by people disabling UAC on Vista because they don't (and, at this late stage in the game, don't want to) understand why or how, they want it to Just Work [TM] because Microsoft have them trained not to think.

It's PEBKAC, pure and simple, although the blame doesn't solely rest upon the luser in between.

Cannon runs amok, kills nine fleshies

Chronos
Dead Vulture

Re: Tom Sharpe predicted the future!

Did it hit a vulture, though? One just gets a mental image of Els with those four Saracen guns...

Powered by "Old Rhino Skin" brandy.

Page: