Posts by elip

Re: No relation

Remember these same commentards said Joe was "Sharp as a tack", and that any speculation about his lack of mental acuity was a "conspiracy theory". Geniuses these clowns are I tell ya.

Re: Seems to work for the basics

Huh? I've been running various OpenBSD versions on various KVM versions for years, both in KVM-based clouds, as well as a guest on my own private plain-old CentOS 7.9 server as daily driver at work. What issue are you seeing with installing recent OpenBSD versions on KVM?

Absolutely brilliant move! Amazing how HPE's GL customer numbers have sky-rocketed!!!

Re: No idea what ArubaOS is[1]

It's just another plain old Linux based product...apparently folks at Aruba didn't feel like enabling long-standing protections against common buffer overflows.

Re: Some OSS development introspection needed

28 dependencies you say? Sounds like you're using a system guided by a fool's philosophy (as you almost allude to) the symptom of one is including systemd by default. You keep deflecting from this fact, but the truth is, people with years of security research experience have been sounding the alarm on systemd for a better part of a decade...and here we are.

Here's what sshd is supposed to look like on any sane OS:

$ sudo ldd $(which sshd)

/usr/sbin/sshd:

Start End Type Open Ref GrpRef Name

000007a716e25000 000007a716f21000 exe 1 0 0 /usr/sbin/sshd

000007a9a3c39000 000007a9a3e73000 rlib 0 1 0 /usr/lib/libcrypto.so.52.0

000007a99f989000 000007a99f9a1000 rlib 0 1 0 /usr/lib/libutil.so.17.0

000007a928576000 000007a928595000 rlib 0 1 0 /usr/lib/libz.so.7.0

000007a97b991000 000007a97ba8a000 rlib 0 1 0 /usr/lib/libc.so.97.1

000007aa15be8000 000007aa15be8000 ld.so 0 1 0 /usr/libexec/ld.so

Not quite: Change Healthcare is not a health insurer. The health insurer that owns them as of a couple of years ago, actually has its shit together with regards to security and network design. Change Healthcare itself is a Healthcare Tech services provider...the techies that should've known better, didn't. The whole place is a shitshow, but for sure their systems are a mess.

Re: So, can't even get power steering right

I know the other recalls don't get as much clicks as anything to do with Tesla, but I'm sorry to disappoint you: all manufacturers have had vastly larger power steering recalls in the last 5-8 years.

Re: OK, I'll bite

Citrix XenServer continues to be updated...though why anyone would want this piece of shit instead of using KVM I do not know.

I suspect you're correct. From what I've heard, IBM has literally outsourced their cloud management tasks to the lowest bidder.

No, they're only disclosing because they have to by law as a public company, and likely, because MS knew that HPE was one of the victims. Amazing incompetence all around at both companies.

Re: Re:Musk being on the left?

*Clutches Pearls* Say it ain't so!! Not *THEE* Joe Rogan!!! That right wing nationalist that supported Bernie Sanders and Tulsi Gabbard presidential runs?!!! You orange-man-bad people, have completely lost your minds and are absolutely divorced from facts. Get off the internet.

I've been managing production applications across many disparate industries on KVM (and other open source hypervisors) for well over a decade now. Nobody needs a 'better solution', just good enough. There are many options. Nobody really needs or fully utilizes VMware's bloated crap.

Re: No poets got fired last week.

Hmmmm...well, to be fair, maybe he just knows the name Ethereal?

Re: Actually, Florida sells this

Yes, *most* states do. Check the fine prints the next time you renew your driver's license.

Re: Amendment 4 anyone?

It never has been, but it has never been allowed to be challenged.

Re: What about censorship?

It is indeed very bizarre to see these newer-generations-of-Reg-writers (where did the rational, older folks go?) pick on a failing social media site as if it was tech-news-worthy, for no other reason than them disagreeing with personal opinions of the owner. The reg has gone to shit. Guess they gotta pay for hosting *somehow*.

Re: Starship hasn't had the most successful history?

Clearly he'll get right to work on that, right after he's done with his few hours of internet shit posting.

Re: Is this a true 24-core Power10 chip or a fake 12-core chip x 2 in a DCM?

No doubt about it, as someone who runs both Power and SPARC gear, I cannot believe people continue to pay the IBM POWER premium. The cost is staggering. The management software/middleware, just plain terrible. But hey, at least they started packaging OpenSSH with AIX 7.3. Only took em 20 years to catch on. :-D

Re: Credible or not, the motivation is suspect

The Australian security forces were first to report the bio-leak/escape from Wuhan.

Re: If everyone is back in the office..

Remember when the Register's comment section was the main reason for being here?

Re: probably wasn't an act of terrorism

Don't worry, soon they'll blame the Russians.

We're two years away, and Hillary's already warning the world that Republicans have a plan to steal the 2024 election:

https://www.washingtonexaminer.com/news/hillary-says-gop-planning-to-steal-2024-election

Re: Quis custodiet ipsos custodes

I found the weird slant in the article pretty confusing. Random mentions of unrelated Elon Musk tweets, adjectives where adjectives weren't necessary, etc. Hmmm.

Re: Slowlaris? Seriously?

hehe. Only on the most critical of workloads.

Re: Come on

I agree, this struck me as an odd way to start this review. As if setting us up for the rest of what is to come.

Frankly, if my choice of network kit (some bits I'm in charge of currently) comes up and it's between Cisco (way overpriced, and with known backdoors, and a very poor security record) and Huawei (moderately priced, "alleged" backdoors [none alleged by actual infosec pros but by beaurocrats], and *some* bungled releases from a security perspective), it'll be an easy one to make.

Re: Wow.

Don't worry, COVID's not that bad for 99.6% of the population. I assume you've been living right, sleeping right, treating your body like the temple that it is, and making sure your immune system can fight off relatively benign infections like any sane person would have...right?

Re: My personal computer could survive this

Nah...I was involved in helping google figure out basic data center power, DC cooling, Linux, UNIX, storage issues after they acquired a company I worked at, and proceeded to screw the pooch on a thoughtlessly executed data center migration (that was wholly based on marketing of the new location [in their words - "to enable us to hire younger engineers"], *NOT* on any technical requirements post-acquisition). They truly don't know what they're doing when it comes to data center ops compared with companies who had been doing it 6+ decades. Their engineers I worked with believed all workloads were easy to understand and troubleshoot. It was beautiful watching them scramble as they failed to understand one protocol after another. :-P

Re: We Just Advise, We Don't Implement

>For just one, where are all of these new experts with access to every app's source code supposed to come from?

I was one of these "experts" as you call them. It was part of my sysadmin gig. Maintain the tool chain, audit new toolchain requests, continuously audit the infrastructure, move slow especially when devs want you to move fast, etc. This wasn't exactly a safety-critical industry either - we made consumer electronics - tvs, computers, phones, cable set-top boxes, walkie talkies, etc.

Most of us were laid off, I suppose you can just re-hire us from the unemployment lines?

The goal is not to get access to *every app's source code*, the goal is to not even allow the app onto your network to begin with. It's really not that hard man. This place where I worked at was around 2004 timeframe, and it was for sure happening decades before then in safety-critical work spaces. Lets stop making excuses for doing the responsible and prudent thing, for the sake of cheap, low-quality and often unsafe goods.