* Posts by Alan J. Wylie

681 publicly visible posts • joined 21 Aug 2009

Page:

The curious story of Uncle Sam's HR dept, a hastily set up email server, and fears of another cyber disaster

Alan J. Wylie

Re: WTF is "leepfrog.com"

I thought the max size of an SPF record was 255 characters / 512 bytes?

Sort of. Note that there are multiple double quote delimited strings in their record.

RFC 7208 section 3.3

"TXT records containing multiple strings are useful in constructing records that would exceed the 255-octet maximum length of a character-string within a single TXT record."

Alan J. Wylie

WTF is "leepfrog.com"

OPM have one of the most ridiculous SPF records I've ever seen.

opm.gov. 300 IN TXT "v=spf1 ip4:205.131.184.50/32 ip4:205.131.184.51/32 ip4:205.131.177.50/32 ip4:205.131.177.151/32 ip4:205.131.184.52/32 ip4:205.131.177.152/32 ip4:205.131.184.125/32 " "ip4:205.131.184.126/32 ip4:205.131.177.125/32 ip4:205.131.177.126/32 ip4:73.23.28.0/24 ip4:208.76.128.0/21 ip4:66.159.72.186/32 ip4:216.230.115.73/32 ip4:216.52.6.89/32 " "ip4:216.230.115.69/24 ip4:66.169.72.166/24 ip4:216.230.114.66/24 ip4:216.230.101.69/24 ip4:66.169.72.176/32 ip4:173.201.193.170/24 ip4:107.20.210.250/32 ip4:52.1.14.157/32 " "ip4:52.6.44.126/32 ip4:52.207.153.36/32 ip4:65.196.93.7/32 ip4:96.43.152.64/28 ip4:96.43.152.80/32 " "ip4:149.19.38.227/32 " "ip4:149.19.37.167 ip4:149.19.38.138 ip4:149.19.37.159 ip4:149.19.37.32 ip4:149.19.37.73 ip4:149.19.37.55 " "ip4:163.120.86.44 ip4:163.120.86.62 ip4:149.19.37.109 ip4:149.19.37.33 ip4:149.19.37.49 ip4:149.19.37.86 ip4:163.120.86.56 ip4:163.120.84.26 ip4:149.19.38.45 " "ip4:163.120.84.80 ip4:149.19.38.69 ip4:149.19.38.87 ip4:149.19.38.105 ip4:163.120.84.62 ip4:163.120.84.37 ip4:149.19.38.63 ip4:163.120.84.20 " "ip4:52.61.131.175/32 ip4:52.61.131.176/28 ip4:52.61.135.175/32 ip4:52.61.135.176/28 ip4:34.206.132.87/32 ip4:18.233.74.128/32 include:spf.protection.outlook.com" " a:usalearning.net mx:usalearning.net include:e2ma.net exists:%{i}._spf.mta.salesforce.com include:leepfrog.com -all"

Naïve Reg hack thinks he can beat Christmas food comas once and for all

Alan J. Wylie

Re: Castlerigg stone circle and computing history

Not North, the book you refer to wasn't published until 1996, twenty years after my schooldays, by which time I'd moved on to other interests, but your post triggered a memory of Alexander Thom. Another part of the "research" we did at school was investigating the precision with which students could pace out a "Megalithic yard".

I do have a copy of Euan MacKie's "The Megalith Builders".

Alan J. Wylie

Trekking poles

Trekking poles are invaluable for crossing streams in spate, even if they spend the rest of the time strapped to your rucksack.

Also, +1 for Paramo, but even a Paramo "waterproof" jacket and Berghaus overtrousers won't stop you getting soaked to the skin in the worst weather (been there, done that).

Layer up, with a synthetic wicking layer against the skin.

Taking it to the extreme, don't bother with a waterproof top, instead wear a Paramo/Buffalo/Montane smock.

Jackets come in two lengths. The shorter ones may be more fashionable and better when belaying a climber, but they can leave an exposed gap around your midriff above your overtrousers. Paramo do both lengths, I have one of each. I found my short padded Paramo top in a charity shop in Kendal with £5 on the ticket. I gave them a lot more than that for it.

Alan J. Wylie

Castlerigg stone circle and computing history

Back in the 70's, when my brother, sister and I were at school in Keswick, we did a project on Castlerigg Stone Circle and "leylines".

The local education authority provided the school with an HP 9830A calculator/ BASIC computer.

The physics master lent us an ex-Canadian Army gunsight - a compact theodolite. We surveyed all the stones, I did the 3D trig to calculate where on the slope of Blencathra the sun would rise on midsummer morning and stayed up overnight to catch it. Helpful teachers and students with driving licenses drove us to other stone circles. My brother wrote a program for the HP 9830A to calculate the "leylines" between them, then created random points and ran the program again to see whether we got a similar result.

We entered the project into two competitions, one run by Computer Weekly and the BBC's "Young Scientists of the Year".

We came second in the CW competition and were donated an ICT (the forerunner of ICL) 1902 computer, and reached the finals of YSotY.

More details at my brother's website.

NASA wants ideas on how to haul injured moonwalkers

Alan J. Wylie

Undergrad thought he had mastered Unix in weeks. Then he discovered rm -rf

Alan J. Wylie

Re: what does ~* do?

Quoting the original article: Emacs backup files

emacs appends ~ to the filename when creating backup files.

$ cd .emacs.d

$ ls *~

bbdb~ gnus.el~ viper~ vm.el~

SuperHTML is here to rescue you from syntax errors, and it's FOSS

Alan J. Wylie

Nikola

For my personal, self hosted web site I used to use Blosxom, but it's getting old in the tooth. I recently moved to Nikola, available as a package in Gentoo. It's a Python program that takes as input plain text files with some HTML markup and turns them into more featured HTML. Fortunately importing my old site was pretty easy using the RSS support in Blosxom.

Feature phones all the rage as parents try to shield kids from harm

Alan J. Wylie

BBC News today: Smartphones: "I feel guilty for not buying my daughter one for school"

Girl without smartphone unable to join in lesson

A mum has said her 11-year-old daughter returned home from school in tears because she did not have a smartphone to use in class.

Celeste Lewis said she felt guilty after her daughter Ava's school, Whitchurch High in Cardiff, encouraged pupils to use their phones in lessons to do things like look up locations on Google Earth.

Opening up the WinAmp source to all goes badly as owners delete entire repo

Alan J. Wylie

Taking a company's source code and preparing it for release to the wild is not a simple process. I've been there, done that for OpenSTA

back in 2001.

IIRC, it involved checking the copyright of everything, removing author's names (some no longer worked for Cyrano, we didn't want people being bothered by support requests) and not least, removing any jokes or bad language from the comments.

Alan J. Wylie

Re: LOL

It seems to have been like this for a while. discussion at GitHub Community

The github-actions bot has responded.

Sysadmins rage over Apple’s ‘nightmarish’ SSL/TLS cert lifespan cuts plot

Alan J. Wylie

Re: Cookies too?

Cookie-AutoDelete may be what you are looking for

A working Turing Machine hits Lego Ideas

Alan J. Wylie

No Annoying Music

There's also a version with no annoying background music

That doomsday critical Linux bug: It's CUPS. May lead to remote hijacking of devices

Alan J. Wylie

This on twitter at 19:00 UTC. CUPS is one of Openprinting's projects.

<cite>

Simone Margaritelli @evilsocket

Mark this. 1 hour to go.

https://openprinting.github.io/codeofconduct/

</cite>

Alan J. Wylie

Re: Its confirmed to be cups-browsed

If it is cups-browsed, then I've got nothing to worry about. It's [N]ot installed. And no server I've ever managed has had it (or cups) installed either. "all GNU/Linux systems (plus others)"? Hardly.

[I] net-print/cups (2.4.7-r2@06/02/24): The Common Unix Printing System

[N] net-print/cups-bjnp (2.0.3-r1): CUPS backend for canon printers using proprietary USB over IP BJNP protocol

[N] net-print/cups-browsed (2.0.0): helper daemon to browse for remote CUPS queues and IPP network printers

[I] net-print/cups-filters (2.0.0-r1@04/06/24): Cups filters

Microsoft's Patch Tuesday borks dual-boot Linux-Windows PCs

Alan J. Wylie

Good article explaning the issue from Matthew Garrett

https://mjg59.dreamwidth.org/70348.html

CrowdStrike shares sink as global IT outage savages systems worldwide

Alan J. Wylie

Critical systems do not fail because a person makes a mistake, but because insufficient controls fail to prevent the mistake. Dr. Johannes Ullrich

Everybody has a testing environment. Some people are lucky enough enough to have a totally separate environment to run production in.

Alan J. Wylie

I can remember sitting in a pub with a load of Ferranti employees and contractors one lunchtime in 1993, listening to the news on a radio, waiting for the announcement of bankruptcy. We'd already put all our personal and corporate belongings in our cars.

ITER delays first plasma for world's biggest fusion power rig by a decade

Alan J. Wylie

Fission is easier, but that doesnt make it better. Burning Coal is even easier and cheaper

Have a read of this article by Otto Frisch On the Feasibility of Coal-Driven Power Stations

The recent discovery of coal (black, fossilized plant remains) in a number of places offers an interesting alternative to the production of power from fission. Some of the places where coal has been found show indeed signs of previous exploitation by prehistoric men, who, however, probably used it for jewels and to blacken their faces at religious ceremonies.

The power potentials depend on the fact that coal can be readily oxidized, with the production of a high temperature and energy of about 0.0000001 megawatt days per gram. That is, of course, very little, but large amounts of coal (perhaps millions of tons) appear to be available.

The chief advantage is that the critical amount is very much smaller for coal than for any fissile material. Fission plants become, as is well known, uneconomical below 50 megawatts, and a coal-driven plant may be competitive for small communities (such as small islands) with small power requirements.

...

Alan J. Wylie

Re: Optional

How Many Years Away is Fusion Energy? A Review

Historically, it has been a running quip that ‘fusion is always 30 years away. ... Thus arises the following question: is the age-long sarcasm of “fusion is always 30 years away” still valid in 2023? This paper answers this question through a literature review of researchers' expectations about when fusion energy will be “ready” for over the past 40 years.

BOFH: Why's the network so slow?

Alan J. Wylie

Mornington Crescent?

I'm surprised that while visiting all those stations, the PFY never arrived at Mornington Crescent.

We need a volunteer to literally crawl over broken glass to fix this network

Alan J. Wylie

Molten lunar regolith heats up space colonization dreams

Alan J. Wylie

NIST turns to IT consultants to clear National Vulnerability Database backlog

Alan J. Wylie

Opensource Security blog post: "Why are vulnerabilities out of control in 2024?"

"Why are vulnerabilities out of control in 2024?"

Council claims database pain forced it to drop apostrophes from street names

Alan J. Wylie

Re: Tail wags dog

Cleckhuddersfax

Alan J. Wylie

Only 5 or 6km from Torpenhow is Aspatria, which has its own problem. The locals pronounce it "Spyat-ree", posh folk "As-spay-tria", but the recoded message on Northern Rail trains says "As-spat-ria".

Alan J. Wylie

Re: Does anywhere in Wales have accented letters?

You beat me to it.

From The UK Gov Index of Place Names in Great Britain, download the index, unzip it, grep out all the usual characters, and you are just left with ! and ô

Westward Ho! and Ynys Môn

Alan J. Wylie

Let's not mention Torpenhow Hill

Alan J. Wylie

Re: stand 'ard

ObXKCD

Alan J. Wylie
Alan J. Wylie

This road sign always used to amuse me: Bronte Parsonagë. These days they've lost the diaeresis on Brontë.

Lightweight Dillo browser springs back to life, still doesn't care about JavaScript

Alan J. Wylie

Re: Posting from dillo

Yes - I really was able to log in and post

Alan J. Wylie

Posting from dillo

$ cd /work/src.git/dillo/

$ ls -lh src/dillo

-rwxr-xr-x 1 alan users 6.0M May 6 11:53 src/dillo

$ src/dillo https://forums.theregister.com/forum/all/2024/05/07/dillo_browser_v3_1/

Drowning in code: The ever-growing problem of ever-growing codebases

Alan J. Wylie

Re: Thank you Liam

"30 foot high Jenga tower"

ObXKCD

You're not imagining things – USB memory sticks are getting worse

Alan J. Wylie

I discovered the hard way that doing an initial backup of lots of files to a mounted USB stick with LUKS encryption caused so many writes that it wore it out.

Now, I create a temporary encrypted filesystem no bigger than the stick, back up to that and then "dd" the image onto the raw device.

Zen Internet warns customers of an impending IP address change

Alan J. Wylie

I wouldn't think you'd have any problems setting it as a simple straight-through router

I run like that, for IPv4 at least, using PPP, ever since I had a dodgy router that leaked memory and required regular rebooting. Add plugin pppoe.so to the options file. In the Fritzbox "Account Information/Internet Settings" page, just enter "." as the username, something random as the password, the Fritzbox then passes PPPoE straight through.

I've had an HE.net IPv6 tunnel since long before Zen starting supporting it, so have never got round to configuring it. I do see local and remote Link Local IPv6 address appearing in the ppp log though.

Alan J. Wylie

Re: It depends on the use-case

But not from a *residential* IP address block. Because it'll quickly get RBL'd (see my answer above).

Nothing but "Checking 82.68.155.94 against 83 known blacklists - OK" at MX Toolbox for my IP.

Alan J. Wylie

Re: Anyone using the IP for a self-hosted mail server" should just stop

I run my own mailserver. Zen allow you to set reverse DNS (PTR record) for your IP address (scroll down to the FAQ section)

$ dig +short -x 82.68.155.94

wylie.me.uk.

Until, IIRC, GDPR, my /29 was CIDR'd with my personal details.

Alan J. Wylie

Re: Lifetime guarantee

General Terms and Conditions

ADSL T's and C's

18. Changing this contract

18.1 This contract may be changed by us, including our charges, at any time. We will notify you of any changes at least 14 days prior to them taking effect.

Alan J. Wylie

https://www.ipxo.com/blog/ipv4-price-history/#paragraph-32 from July last year suggests $45 to $60 is a typical price per IPv4 address.

My /29 is in 82.68.0.0/14, approx quarter of a million addresses (though no mail from Zen, yet). Multiply those together and it will keep your senior management in very acceptable single malts for a long, long time.

Alan J. Wylie

Me too. I've had a /29 since November 2003. No mail from them announcing a change.

Date order placed: 14-Nov-2003

The following static IP addresses have been assigned for your exclusive use:-

Number of IP addresses: 8

IP addresses: 82.68.155.88 - 82.68.155.95

ICANN proposes creating .INTERNAL domain to do the same job as 192.168.x.x

Alan J. Wylie

Re: Why is toplevel query to "zghjccbob3n0"?

I've got a github login. It seems to be associated with a list maintained by "Chris Buijs", containing top level domains that do not exist, yet are frequently queried.

From "https://github.com/cbuijs/accomplist.git"

$ git grep zghjccbob3n0 | grep -i chris | grep -vE ".{1000}"

chris/abuse-tlds.list:zghjccbob3n0

chris/dnsmasq-abuse-tld.conf:server=/zghjccbob3n0/

tlds/black.list:zghjccbob3n0 Chris-Abuse-TLDS

tlds/dnsmasq-filter.conf:server=/zghjccbob3n0/ # Chris-Abuse-TLDS

tlds/dnsmasq-regex-filter.conf:server=/zghjccbob3n0/ # Chris-Abuse-TLDS

tlds/knot-daf.conf:daf.add 'qname = zghjccbob3n0 deny' -- Chris-Abuse-TLDS

tlds/plain.skipped.invalid.domain.list:zghjccbob3n0 # Invalid-TLD-Chris-Abuse-TLDS

tlds/unbound-filter.conf: local-zone: "zghjccbob3n0" always_nxdomain # Chris-Abuse-TLDS

$

Alan J. Wylie

Which is why The Register loves the standards process

obligatory xkcd

What's worse than paying an extortion bot that auto-pwned your database?

Alan J. Wylie

Take a tip from Oracle: use a really secure combination, such as scott / tiger

CEO arranged his own cybersecurity, with predictable results

Alan J. Wylie

Unannounced security tests

At a couple of my previous places of employment, there have been unannounced (even to me, as a senior security engineer) phishing tests. It puts me on the horns of a dilemma. Do I

1) Get to my feet and loudly announce to the office "Beware - a phishing e-mail has just arrived", ruining the test, or

2) Stay quiet and run the risk of the less aware staff compromising security.

Google Groups ditches links to Usenet, the OG social network

Alan J. Wylie

A very timely RFC: RFC 9518 Centralization, Decentralization, and Internet Standards

RFC 9518, published just this morning.

Whereas early services like the Network News Transfer Protocol (NNTP) and email had multiple interoperable providers, many contemporary platforms for content and services are operated by single commercial entities without any interoperable alternative -- to the point where some have become so well-known and important to people's experiences that they are commonly mistaken for the Internet itself

Page: