Posts by Crazy Operations Guy

Re: If you want to start an argument..

My company ran into that, until we realized that DNS was a thing and you can assign as many damn hostnames to the same machine as you want.

In my network, systems tend to have 4-5 hostnames, one that represents the psychical rack location of the system, it would also have an A record for its Asset ID, another for its purpose (like US-NY-Filer-02), and another for application-specific purposes. Many machines holding multiple roles will have multiple host names, so like our multi-purpose Email server is known as pop3-01.<domain>, IMAP4-02.<Domain>, ActSync01, MTA-01, SMTP-05 (application roles), etc as well as B22-Rm2501-Rk15-St15 (Location), Ast0023875 (Asset tag), and MAIL.<domain>.com (for user access).

Re: Alternate DNS roots

I've built my own DNS boxes specifically for that purpose. The server runs a script that pulls https://www.internic.net/domain/root.zone, compares it with the previous version and adds the changes to my stripped-down DNS zone to serve up. I have yet to see anything worth a damn on any of these new TLDs and did it to avoid all the malware and pointless bullshit that infests domains in those TLDs. My users complain that they can't access anything under .buzz, but those sites are already against the AUP anyway, so no loss there.

I've found that nothing useful uses anything other than the generics (.com, .net, .org, .edu, etc) or a ccTLD (.uk, .de, .sv, etc).

Nearly all the new TLDs are owned by companies trying to protect their IP, or domain squatters (With have of those being owned by a single troll based in Bellevue, WA)

I'd think 'medical equipment'. Or at least that is what happens in Alabama where you need to get a doctor's permission to purchase one...

Re: Obsolete technology

Only obsolete for stationary systems (Of course it is still quite useful if a ship drags its anchor across a fiber link and severs it).

But it is quite useful for communication with ships, aircraft, and people that are in areas that a fiber link wouldn't handle. InMarSat is currently working with the aviation industry to start streaming the CVR / CDR (Black Box) data live from all aircraft to a ground station to avoid something like MH-370. Same story with ships.

There are also plenty of people (such as myself) that work in areas where even copper doesn't reach. Its also useful for personal and vehicle emergency beacons or just remote data logging from remote experiments (such as volcano and Tsunami warning systems).

"so people were sick and dying and doctors couldn't get internet"

Email is not internet. The lists that Spamhaus produce are intended as part of a spam reduction system, not for just out-right blocking. The intention is that organizations would use their lists in calculating the probability of the message being spam (Spam filters tend to look at multiple factors, not just origin to determine if a message is spam)

Of course, those Hospitals / schools are likely to have been blocked because they were sending out spam. I have seen numerous hospitals and schools that were compromised and used to relay spam . Just this morning, I got a message from compromised email account at UC Berkley trying to sell me Viagra. I had another form a hospital trying to to sell knock-off designer clothing. Students and doctors tend to be the worst when it comes to InfoSec and if the IT folk aren't paying attention, the organization may well be a major source of spam. That does discount the malicious admins out there working for peanuts that sell access to their servers to spammers to amke some cash on the side (Hospitals and schools tend to pay their IT personnel quite badly, many working for not much more than minimum wage)

Re: how about..

"The solution is to use femcell"

I've always wondered why they didn't just blanket jail and prisons in a fine mesh, then implement a femto-cell within the cage. Set it up so that during the connection process it brings up a message stating that the local network is being actively monitored. Maybe just inform the person through a text message that the phone owner would answer:

"I consent, but check with me later",

"I consent and don't ask again"

"I don't consent, but ask again later", and

"I do not consent, never try to allow my phone to associate again"

With it being in a Faraday cage, people who do not consent to the monitoring aren't tracked and their phone just doesn't work while being able to track the phones of people who do consent. For people being held, they'd either have to consent to being tracked or to go without connectivity.

Re: Appropriate

I figure that road would be painted with a special symbol indicating that driver-less cars can be used on it. Something certifying that it has clean and clearly painted lines, is on a maintenance routine to keep it usable, and that there aren't any blind corners. Maybe implement it as a QR-like code or something on the bottom of speed signs so that the vehicle would identify it, read its ID, download the appropriate information for that stretch of road. After it downloads the data, it'd do some processing to determine if it is capable of going autonomous safely. The vehicle will only go into automated mode when it has been determine that is safe to do so. A sort of positive control system.

I figure the signs would be good for a certain length of road with 'refresh' marked mid-way through that zone. If the car misses the refresh marker, it'd have enough time to warn the driver and return to manual mode before the stretch ended (EG, the marker is good for 10 miles with a refresh marker at 7.5 miles, so a driver would have 2.5 miles to regain control and start driving manually).

As for how it communicates, I figure that the manufacturers would be able to make the same deal that Amazon did to get free 3G service into its Kindle readers.

"Just a 1Kx1Kx1K volumetric display, 32 bits per voxel (you now MUST include the alpha element), updated 15 times a second will require 60GB (yes, gigaBYTES) of bandwidth to keep up."

No, that would only need to be what the rending device need to send to a display. A single DVI link is capable of 16 GB/s (3840x2160 x 32-bit color x 60fps) but the CPU only needs to send a few megabytes per second to the GPU to render that picture.

Besides, a 3D display like the one you describe wouldn't even need to that much bandwidth since it would only need to render all visible surfaces such as if you had a 100px cube, it wouldn't bother rendering all 1,000,000 pixels that make up the object, but rather just the 6000 px that make up its visible sides.

And even then, it wouldn't need to render all visible side if one is obscured by another object (like if that cube was on top of a simple plane). Bandwidth could be further reduced by tracking the location, angle, and focus of the user's eyes and only render the surfaces that would be visible to them, similar to how 3d applications / games currently work.

Yeah, the technology for it does not yet exist, but it isn't all that far away (May already exist in a lab somewhere).

Re: Get into cars !!!

I'm a bit concerned about running safety-critical systems on commodity silicon...

I would much prefer that the vehicles run on a set of FPGAs running externally-audited VHDL code. There should be at least 3 such FPGAs running redundantly tied together with voting logic.

I would not feel comfortable trusting my safety to a piece of silicon that can be wedged by masking interrupts, then putting the chip into sleep.

Re: The F*ck

My most common typo has to be "suod", "sl", "gerp", or the many other typos due to my left hand being just a millisecond slower than my right... (and in regular text: "teh" and "int he")

Re: @COG

And that is why I wonder why they aren't just building standard boxes with the FPGA / ASIC built into the storage controller. It's much easier to design and build storage solution in that case. It'd be much easier for them to just take an off-the-shelf DL380, pop the fancy RAID card into it, and sell it as a high-end storage system. Heck, then they could market the controller as an add-on for all the existing boxes they sell. Throw a 10/40-Gig NIC onto the card for replication, then you could cross-connect a pair of systems together and have a pretty resilient cluster with minimal effort.

For extra points, add a pair of M.2 or SD-card slots to the RAID controller to hold the OS.

They could cut down drastically on producing multiple chassis types as well as needed inventory.

But then it wouldn't be HP. Once the kings of the datacenter, now gasping for life as they drown under their acquisitions and mismanagement. Their downfall really started when they started making dozens and dozens of different products, with very little differentiating them, and never making any of them -good-. This applies to everything they made from laptop, desktop and printers; to their servers and networking devices; and even up to their blade servers and mainframes. Now with storage, they have their own MSA/VSA-series stuff, 3PAR, Simplivity, and then there are the ProLiant storage systems, which are just DL380s with an MSA-80 glued to the front...

Re: Why would anyone want to unlock the doors [remotely]

Whenever I park my car in a large lot or garage, I take photos of the space, then either direction in the row, then at the end of the row, and so on. I do this whenever I need to park my car in the long-term garage at the airport. I've never failed to find my car afterwards.

Before that, I'd use a notepad and a pen to write down the instruction to get from my car to the lift. Put the note into my wallet, then just followed the instructions backwards to find my car.

These techniques work for the largest parking garage in the world (SeaTac Airport) as well as many other parking lots I've used in the last few years, so there is no reason it wouldn't work anywhere else. I was taught to do that by my father during a family trip to Disney world.

Never once have I used an app to find my car (even after leaving it in a parking garage for 3 months).

Re: Thanks for nothing, TECHNOLOGY

Because now all the people that would normally create those technologies are salving away so they can just barely make rent on a crappy apartment (Just forget about the concept of paying for a mortgage nowadays...)

Re: "...making firewall changes that cut off all their traffic..."

I'd add doing "rm -rf" on the root directory of a remote server.

Did that when deleting some old auto-generated status emails, ended up running "rm -rf / var/log/mail/" and hit enter before I realized the typo. Had to get the hosting provider to restore an old backup since there was no way I was going to fly 5000 miles to fix it.

Re: Russia

The entity that wrote it doesn't have to be the one behind its use. Malware has moved towards more of a free-lance / contract model versus the old "Build your own team" model of yesteryear. This malware is probably built, under contract, by a software shop that builds legitimate apps with a side business building malware.

With a contracted model, the actual entity behind it would be completely anonymous so long as the contractor doesn't rat out their clients. Hell, they could be playing all sides and constructing malware for the highest bidder. They could run their own CnC infrastructure and just pipe the data to whomever is paying while using the same bit of malware to everyone.

Re: Maybe backup your own stuff?!

Not defending lazy customers, but when you offer a paid-for service that includes backups of the data, you damn well better do some bloody backups. I could only forgive a company not backing up client data if they explicitly said that they aren't going to back up my stuff. Not backing up customer data is a stupid thing to do even from a business perspective since if the customers are responsible for backups and you lose their data, they are quite likely to just restore their backups to your competitor's service.

Re: they tried the stick?

Or do what my company did, all input is encoded in Base64 before getting put into an SQL query, the data in the DB itself is also base64 encoded. We did it to solve all kinds of problems. If you want your username to be "Robert'); DROP TABLE Students;--", go for it, all the query is going to see is "Um9iZXJ0Jyk7IERST1AgVEFCTEUgU3R1ZGVudHM7LS0=". We did this as part of an internationalization project so we can support other character sets, unusual names, or just other cultural oddities, the fact that it protects against SQL injection is just gravy.

Re: Android 2.3?

Funny enough, Windows 3.11 (and DOS 6.2.2) is still supported by Microsoft (if you have an agreement with them)... It was very popular for applications where you needed just a basic UI. I've seen it in automation systems, factory control units, point-of-sale terminals, ATMs, military weapons systems, and even Vehicle Control systems (Such as trains, aircraft, and passenger/cargo ships).

It was the perfect combination of features, customization, and size. I have an old system sitting on my desk with a customized version of Windows 3.11 burned into a bank of a PROM chips (16x 16 Mbit chips), 32 MB of Static RAM, a 10-BaseT network card, a 28.8k modem, 8 RS-232 compliant serial ports, a floppy disk controller with two drives, and a massive proprietary card (Three slots wide, and full length, has a couple of odd connectors on the back, no markings other than a hand-written serial number)

Re: Time for some <sarcasm>traditional</sarcasm> Japanese 'restoration of honor' at Westinghouse

Ah, a commentor with the handle "Fat Man" commenting on an article about Japanese nuclear energy while misunderstanding a foreign culture. I think I'm safe in assuming that you are an American...

Re: All automated, but..

If this missile is like any of the off-shoring companies I've worked with, their 'automation' is likely to be some college kid stuffed inside the missile guiding it manually.

I had to find a new off shore company the other day after finding out the one I was using was just using an intern to do the work manually rather than trying to build a script like I had requested. The job was to build 100 VMs for a test, but only 94 of them came back correct with the other 6 suffering from typos in their configurations (Typos that would be almost impossible for a script, but easy for a human to make).