Posts by bombastic bob

rfc561

yes. the date. excellent point!

And there was this CDC 'Cyber' system in use by the state of california university system, which had, *cough*, e-mail on it. and there was this guy in 1978 at SJSU who had written an e-mail system for the on-campus timesharing minicomputer (running RSTS/E on a PDP-11/70). His name wasn't "that guy" either.

There was also another guy, an associate prof, who accessed ARPANET e-mail over a phone connection.

So yeah, I call B.S. on that idiot's "invented" claims of inventing e-mail in the _LATE_ 70's. RFC's 821 and 822 notwithstanding, of course.

Re: NOT the solution for internet of infected things

the real solution is a lot more obvious: don't expose them to the public intarwebs without a secure shell of some kind that uses an actual LOGIN...

best way to handle that is an ssh tunnel capability in your firewall. that would mean running sshd on every firewall system out there (quite possibly on a fixed IPv4 address, or an IPv6 address), with PROPER security even, and allowing ONLY properly credentialed users to secure-tunnel into your network to access the devices (say 'phone application with an assigned ssh cert'). THEN all of the IOT devices won't use UPnP to tunnel past the firewall and listen on the intarwebs, or even use publically viewable IPv6 addresses for the same purpose, but would INSTEAD listen on a private LAN IP [and/or non-public IPv6]. The sshd login would then become the 'single point of failure' so the firewall makers would have to goad people into setting it up PROPERLY, then SHUT! OFF! THAT! HIDEOUS! SECURITY! CRATER! known as 'UPnP support on the router'.

/me notes my FreeBSD computer serves as firewall, router, IPv6 tunnel, web server, and sshd for remote access, on a fixed IP, with a 'godaddy registered' name server running, and a few other things. Ok most people don't want this, but if EVERYBODY HAD TO DO THIS to get IoT to work right, it would be a HELL of a lot more secure!

the alternative would be a cloud-based "solution" involving a) a 3rd party sshd-based cloudy server, b) connect to it from your network directly using a daemon/service/whatever to connect your LAN to the service, and c) tunnel through that connection from the 3rd party sshd, through that daemon/service/whatever [which could JUST be ssh invoked with the proper parameters], so that the connection works on both ends.

Anyway, IoT devices using such a service would be as secure as the ssh config. But at least it would become a stumbling block to scanning the ENTIRE address space looking for poorly configured TELNET on IoT devices...

Re: Joke Alert? 4 Richard Plinston

"When the initial retail Windows 95 came out it did not connect to the internet* but instead only connected to the original MSN, a private network for Win95 only."

not entirely true. The 'plus pack' had Intarweb Exploiter in it, and I think it was a free download if you subscribed to MSN at that time, which ALSO installed a *real* WINSOCK connection to the intarwebs. I forget the details since I beta tested MSN before '95 was released, as well as '95 itself [and the plus pack - Hover was a pretty cool game] so I snarfed up a really cool MSN login/e-mail name with no suffix numbers [the only reason I keep sending them $4.95 per month, to keep it; that, and the 'emergency' dial-in access for those times that I've needed it].

Ah yes, the days when the number of search engines were few, and many of them were manually edited for appropriate links and content, and Mirsky's "Worst of the Web". And no F'ing JAVASCRIPT.

But seriously, '95 came WITH dial-up internet access if you subscribed to MSN. Out of the box. CompuServe didn't have that for another year or so.

Re: Snap! saviour of the universe?

Snap! we just B0RKED your device with the latest update that you couldn't shut off. sorry.

(that's where the "windows-like" comes in)

Re: Android Studio

you had me up to the iOS comment. no up nor down now.

I think Android Studio is about as good as Micro-shaft's developer studio, and it has MANY of the same *kinds* of irritations and quirks that you have to learn to work around.

Since I'm privately working on my OWN cross-platform IDE with an appropriate C-language compatible toolkit, I _can_criticize. Unfortunately I lack time+funds to complete it in a short period of time. Interestingly the VACUUM for a decent IDE is still THERE.

Some of the worst aspects of Micro-shaft's development IDE are present in Android Studio, starting with the cumbersome nature of 'Auto Complete', the "hands off the keyboard" properties "thing" in the screen editor, and [worst yet] the *HIDEOUS* behavior of said screen editor when you make even the *TINIEST* of changes, and watch your entire screen RE-ARRANGE on you in the most HORRIBLE fashion. It's caused me to SCREAM PROFANITIES.

Then there's the automatic code formatting. K&R style? REALLY? How about a *SINGLE BUTTON* to change it to ALLMAN STYLE for THE REST OF US, and *THEN* *KEEP* *THE* *STYLE* *SETTINGS* *INTACT* if you zip/tarball the project and copy it to a DIFFERENT COMPUTER (like multiple people working on it, via e-mail or something) ???

It takes *WAY* *TOO* *MUCH* *DAMN* *TIME* to set up for Allman style. You have to change SO many things in SO many places. And how can you turn it *OFF*? Maybe there's a way, but it's SO hard to find things like that, it's almost worth "just changing all of those OTHER things".

So I wouldn't call it "light years ahead", but it DOES have a number of useful features, and from within a Linux VM, CAN! BE! SET! UP! TO! RUN! ON! THE! HOST! DISPLAY!!!

Yes. I do occasional 'droid development in a Linux VM, with the USB device forwarded [virtualbox], on a FreeBSD host. the latest 64-bit Mint does pretty well for that.

/vent complete, hence the mushroom cloud

Re: I fully expect down votes on this...

" one classified (or more sensitive) email is 1 too many."

I agree, and shall expand:

"For official use only" - can compromise military readiness or policies that take away advantage or put the country at a disadvantage in any kind of war or conflict. Example, the press shows up at a beach landing of U.S. marines, and gets in the way. Yes, this has happened.

"Confidential" - is likely to compromise military readiness, or take away advantages, etc. example, significant improvements in foreign anti-submarine warfare and submarine technology suddenly "happening" due to the activities of 'the Walkers' back in the 80's...

"Secret" - is likely to comprise agents or soldiers in the field, possibly getting them killed. No example, though I can think of a few. Best not to go there.

"Top Secret" - serious harm to defense, lots of people killed, and so forth. A 'top secret' thing might be a device that allows a ship, plane, or platoon of soldiers to be undetectable, or a new type of weapon that could easily end (or prevent) a war. Even knowledge of its existence would be a serious problem. The manhattan project is probably the best example of this.

(when referring to such a secret, in a conversation to those to whom such a secret has been disclosed, it is not uncommon to use a generic term, like "the device" or "the gadget" or similar, NOT even using the real name that both parties are fully aware of, to avoid disclosure)

Mrs. Clinton was authorized for Top Secret (and possibly 'eyes only') information. And when I was in the military, you didn't get this, even if you had clearance, unless you had "need to know". It's treated VERY seriously, for obvious reasons. If ANY of that information went onto her non-government insecure e-mail server, which she OBVIOUSLY kept for DISHONORABLE purposes (i.e. HIDING things from 'freedom of information'), it was a CRIME.

Re: Just let Obama continue while they sort this out

Obaka probably WILL pardon Mrs. Clinton, regardless of the election's outcome, for the same reasons that Ford pardoned Nixon.

Re: Wrong headline?

"by sending this information only to Republicans."

that actually did NOT happen. All members of Con-Grab got "the memo".

interesting spin, though. The rumor mill has apparently altered a few facts in order to portray a political motive.

(like the downvote ratio I've been receiving for anything anti-Clinton or pro-Trump)

Didn't BREXIT get similar downvote ratios here? It's a good sign! Yeah, I thought BREXIT was a pretty good idea, said so a few times, gave some references to 'El Reg' articles that showed how the Brussels "overseers" had been slowly tightening the screws on UK, made some references to the US revolution in 1776, etc. and got plenty of "howler monkey" downvotes because of it.

[and the Cubs won the world series, too! imagine that!]

it's all 'signs of the times'. We'll see what happens on Tuesday. I am pretty optimistic.

Re: Governmental emails had already been provided

"3) How are the accusations against Bill Clinton around sexual misbhaviour relevant to email retention?"

it's the COVERUP part that's important. Mrs. Clinton has a history of coverups. It seems to extend throughout her entire career.

"4) You should really provide a link to this supposed 'lost evidence' "

http://www.hannity.com/articles/election-493995/listen-rape-victim-speaks-out-about-15196170/

"Clinton’s defense team requested its own testing of the underwear, but it ended up being 'accidentally destroyed' by the 'independent' lab."

what's NOT told, in snopes, the ABC article I found, and a few other places, is WHEN the evidence was lost. They all admit it was lost. That's the basis of Mrs. Clinton's (then Miss Rodham) argument for getting the defendent off with an extremely light sentence. THAT and the polygraph, which anyone properly trained can defeat. examples, put thumbtacks in your shoes, and give yourself a dose of pain for EVERY true answer, and every lie that you want called "truth".

/me comments I don't need drugs. I'm just fine the way I am, howler monkeys and amateur shrinks notwithstanding.

Re: It's still free

"This is a quite obvious attempt by MS at being cunning. They'll probably trick some ignorants/halfwits to believe they're 'fleecing Microsoft'" by posing as disabled persons."

Posing? I figure they're MENTALLY DISABLED if they go for it...

Re: Genuine curiosity...

don't forget that users don't *NEED* 'faece'book NOR tw[*]tter, NOR google, to use their computers.

But they DO need an OPERATING SYSTEM.

And *THAT* is what's so HEINOUS about Win-10-nic's spyware and adware.

" if you want a fair CPU power based charging model"

WHY _anyone_ would want a MICRO-SHAFT SERVER "operating system" is BEYOND ME.

That goes double with the availability of RHEL (if you need the support), and CentOS (if you can manage it yourself), not to mention every OTHER Linux distro out there that has a lot of support for 'Enterprise' things...

does RHEL do per-core / per-cpu / per-seat licensing like Micro-shaft? Just wondering, as to the best of my knowledge they do NOT.

Then again, I mentioned that CentOS is *free*

Re: "Windows 10's impressive rise"

"I haven't forgotten ME. Nobody mentions ME. It is being erased from all family pictures as we speak and will, in time, be erased from all web pages as well."

windows [obliterated]

sorta like the way certain pharoahs had their cartouche 'obliterated' by successors. Windows [obliterated] was the bastard stepchild of '98, supposedly a steppingstone to XP. More of a stumbling block, or a very deep pothole.

Win-10-nic should be looked at the same way, the "stumbling block" or "very deep pothole" [instead of stepping stone] to MICROSOFT! DOMINANCE! UBER! ALLES!!!

Otherwise, *WHY* kill 7's presence in the market? It was *SELLING* !!!

Re: Horseless carriages

"clue was in the title"

Oh, you were being SARCASTIC? I agreed with your sarcasm. Businesses do NOT need Win-10-nic!!!

can I change my UP vote to a DOWN vote instead?

Re: As long as Win10 continues to be a piece of spyware...

"... and which search engine do you use?"

duckduckgo, mostly [no spying]

Re: Dis Crimi-nation

well, maybe if potential passengers STOP trying to look like gangstahs, i.e. "don't put the hood up for your photo", maybe they'll get rides more often...

(just sayin', there may be more to this)

"we're very much non-US and send/return addresses and mail servers never quite line up."

I (a 'merkin) occasionally get UK-related spam as well...

The Comcast employee who used Comcast's e-mail database for spamming, though... that's pretty disturbing. I wonder how common it is for security breaches to happen "that way".

Re: What's it for?

"Both Twatter and What?App could easily be replaced by an IRC client that always connects to a certain domain."

EFNet is still pretty busy these days. lots of 'lurking' in the channels I'm in, however...

then there's USENET which has NO moderators. visit alt.hacker for some fun, as well as alt.os.linux.ubuntu and a few other linux-related newsgroups.

Yeah, WHO needs Tw[i,a]tter??

Re: Sometimes you get what you wish for.

"I can't stand it when some one says, "hash tag", and then adds something they think is funny."

it's funnier when you read it as 'pound' like

#sandupyourass

or

#myheadonthewall

Re: Clap Hans....

say it with an "80's euro-pop" sound and it works

I still have to wonder...

I still have to wonder as to whether use of REAL name/address etc. actually HELPED him get the initial $100k or so. There might've been some head-scratching over it, but apparently it wasn't scrutinized enough. Was the initial scrutiny something like "is this guy a REAL person? Well, nobody would be THAT stupid..."