yeah, that’s why i am happy to avoid the us when travelling, mainly because of reports that electeonics are bricked regulary by them, but this discussion is more about theft. like “never allow hand luggage to be checked, better miss the flight instead”:
it’s not always about travellers that could lay hands on your stuff, maybe staff “needs” a living wage too ;-)
i once had to look at a firefall appliance cluster, (discovered, it could not do any failover in its current state but somehow the decider was ok with that) but when looking at its logs, i discovered an rsh and rcp access from an ip address that belonged to a military organisation from a different continent. i had to make it a security incident. later the vendor said that this was only the cluster internal routing (over the dedicated crosslink), used for synchronisation (the thing that did not work) and was only used by a separate routing table only for clustersync and that could never be used for real traffic. but why not simply use an ip that you “own” by yourself and PTR it with a hint about what this ip is used for? instead of customers scratching their head why military still uses rcp and rsh. i guess because no company reads firewall logs anyway XD
someone elses ip? yes! becuase they’ll never find out !!1!
i really appreciate that ipv6 has things like a dedicated documentation address range and that fc00:/7 is nicely short.
ipv6 in companies… ipv6 is not hard, but for internal networking no company (really) “needs” more than rfc1918 address space. thus any decision in that direction is always “less” needed than any bonus for (da)magement personnel is crucial for the whole companies survival…
for companies services to be reachable from outside/ipv6 mostly “only” the loadbalancers/revproxies etc need to be ipv6 ready but … this i.e. also produces logs that possibly break decades old regexes that no one understands any more (as the good engineers left due to too many boni payed to damagement personnel) while other access/deny rules that could break or worse let through where they should block (remember that 192.168. could the local part of ipv6 IF sone genious used a matching mech that treats the dot “.” as a wildcard as overpayed damagement personnel made them rush too fast), could be hidden “somewhere”. altogether technical debt is a huge blocker for everything, especially company growth, and if no customer “demands” ipv6, then it stays on the damagement personnels list as “fulfilling the whishes of engineers to keep them happy” instead of on the always deleted “cleaning up technical debt caused by damagement personnel” list.
setting up firewalls for ipv6 is quite easy and if you go the finegrained “whitelisted or drop/block” approach from the beginning it might take a bit for ipv6 specials to be known to you, but the much bigger thing is IMHO the then current state of firewall rules. and who knows every existing rule? what rules should be removed already and must not be ported to ipv6? usually firewalls and their rules are a big mess due to … again too many boni payed to damagement personnel, hindering the company from the needed steps forward…
ipv6 adoption is slow for reasons that are driving huge cars that in turn speed up other problems ;-|
maybe start with an adjustable setup:
(if you want, ask for config snippets)
btw i prefer to wait for ipv8😁 before “demanding” ipv6 from services i use 🤣
its amazing how good services can be if some just skip the corporation-obligatory adding of enshittification. i remember an article about a downloadable (but not very legal) DVD with an installer for a (worthless but very popular) OS that included heaps of expensive industry software and the installer was point-klick what you want and then all is done in background and fully usable once done. reading that article it seemed to be a better installer than ever produced by any company for any product.
however as that payed streaming service seemingly leaves huge amount of bank records and ran for such a long time, i guess it would have been easy to stop their customers from paying them. it rather might seem that the real intentions of content corporations might not truely be what they officially claim. maybe we learn in 25 years that the content corporations really were behind such services, maybe like “better get money from ALL markets!” or such.
the “news” i “know” about india is little, some historical “facts” written mostly by uncivilized brutish invaders compacted to youtube videos by part or fulltime streamers. Some other “facts” which sound often bad i sometims mostly have from official media known to promote any “nice” propaganda - that is, depicting other countries worse than the own one so that people do not hunt their own gov with garden forks just to stop the crimes. Well i really “know” nothing about India.
But beeing proud of culture usually is a good thing, but that is only if it is culture and as such does not(!) base on abuse or similar.
Maybe what you experience could be a crowd effect that protects the people from seeing what they (group, society) do wrong while at the same time it protects the worst wrongdoers from punishment or at least from getting stopped. Such as it could be a self-sustaining downwards spiral taking more and more and everything down with it slowly increaaing pace. At least what you wrote sounded a slight bit chilling like that.
It could be hormones and how culture tells you to act or not act on them, or a lack of culture about such, maybe a combination of culture to “support your group” while that support does not always protect integrity of the overall concept of what that culture was meant for. A group of people cheering to each other how good they are might not want to stop cheering for “minor reasons” because it just feels good. While doing wrong things they could “help” each other (which is supposedly a good thing but can do lot of harm too) with arguments that this wrongdoing would be ok or even "good’ in this specific moment because of <insert_bullshit_here>. alltogether spiralling downwards doing so more often every day. So all of them can go on wrongdoing while feeling well supported or even falsely feel superior in general.
however a figure (real/not real?) well known in india once said something like “it is better to calm down and just do your thing than to overreact”. (this is the shortes version i’ve ever tried to compact it to but maybe you get the idea anyway).
I know for a fact that this is not true,
i don’t know the underlying things that make it a fact, plz share.
great, thanks. i’ll try it out as i have some spare resources on my server.
🤔 maybe there is a lack of distributed fediversed search engine instances where:
then: “for software development i use linuz personal ‘devel’ collection, this way i don’t have to manually click through big G’s gigabytes of SpaMalAds they always only frustrate you with and i am not distracted with dyo stuff when searching for server administration things like ‘puppet stages howto’. for my home projects i use my friends ‘home of DYO’ collection, i get more results than i need but get new ideas as well without seeing work stuff when looking up how to build a puppet stage for my little one. 👨👧 for kids its awesome, our school provides a collection including specialized search instances that fit learning, while that collection is also peer reviewed by a company that spezialized to ensure it does to not contain search engine instances that also index any unfitting content pages.”
oh btw: no i do not have any info about duckduckgo status unfortunately, i stepped over it by myself today 🤷♀️
deleted by creator
I see only one reason, why i would want to be early at the seat. its bcs if i am not, my backpack might be placed above but multiple seats away by the crew, where it is then uneasy for me to have an eye on it whilst easy for theives to take and open them, especially on long flights there would be plenty of opportunity like when everyone is sleeping.
but for this case i use locks on the backpack anyway, so that anyone who wants to open it, either opens it where nothing of value is in it thus no lock, or at least has a much harder time than when trying the very same with other bags…
also on longer flights i usually did not have that problem, but that could also have been just luck
i think it was not the whole hull but one of the materials, the hull was made of that had expired. well, carbon fibre has its strenght when pulled, but when pushing it bends. but if one uses resin on the fibre, then it gets some strenght when pushed too. similar to steel and concrete, while steel can really be pulled a lot, concrete is way better when pushed than steel. steel is quite stable when pushed too, but thats not its main strength. i think the resin was what really held the pressure in the sub, not the carbon fibre, but with this i only have that dangerous type of half-knowledge i’ld have to bring to expert level before doing something stupid (like depending on that to be fully true without really knowing).
in general things often last longer than their expected “minimum” to be used without concern. but in practice one would have to test for damage or if its worn out (like its done with airplane parts at fixed intervals) even without using materials of bad quality. but that was AFAIK what oceangate’s management decided to explicitly NOT check the sub for - despite internal demands to do so.
i would not say its not possible to build a secure pressure hull out of carbon fibre, or out of carbon fibre of not the best quality, or a hull of a different shape than a sphere, or a hull out of different materials with different bending behaviors under pressure, or when such components are “glued” together on the edges that do the different bending, but ALL of this at the same time and without even checking at least after a new maximum depth was reached? not to mention crackling sounds after which heared one would want to double check. Even the wright brothers seemed more cautious to me.
today one would at least get some wear level statistics with unmanned vehicles in a slightly deeper than intended depth to have security margins and afterwards throughout checks for the parts that are important, single points of failures or are one of the proudly new developed.
deleted by creator
looking at the official timeline it is not completely a microsoft product, but…
i said that systemd was a microsoft product long before its developer was then hired by microsoft in 2022. And even if he wasn’t hired by them, systemd is still a microsoft-style product in every important way with all what is wrong in how microsoft does things wrong, beginning with design flaws, added insecurities and unneeded attack vectors, added performance issues, false promises, usage bugs (like i’ve never seen an already just logged in user to be directly be logged off in a linux system, except for when systemd wants to stop-start something in background because of it’s ‘fk y’ and where one would 'just try to login again and dont think about it" like with any other of microsofts shitware), ending in insecure and instable systems where one has to “hope” that “the providers” will take care for it without continueing to add even more superflous features, attack vectors etc. as they always did until now.
systemd is in every way i care about a microsoft product. And systemd’s attack vectors by “needless dependencies” just have been added to the list of “prooven” (not only predicted) to be as bad as any M$ product in this regard.
I would not go as far to say that this specific attack was done by microsoft itself (how could i ?), but i consider it a possibility given the facts that they once publicly named linux/open source a “cancer” and now their “sudden” change to “support the open source world” looks to me like the poison “Gríma” used on “Théoden” as well as some other observations and interpretations. however i strongly believe that microsoft secretly actually “likes” every single damage any of systemd’s pointlessly added dependencies or other flaws could do to linux/open source very much. and why shouldn’t they like any damage that was done to any of their obvious opponents (as in money-gain and “dictatorship”-power)? it’s a us company, what would one expect?
And if you want to argue that systemd is not “officially” a product of the microsoft company… well people also say “i googled it” when they mean “i used one of the search engines actually better than google.com” same with other things like “tempo” or “zewa” where i live. since the systemd developer works for microsoft and it seems he works on systemd as part of this work contract, and given all the microsoft style flaws within from the beginning, i consider systemd a product of microsoft. i think systemd overall also “has components” of apple products, but these are IMHO none of technical nature and thus far from beeing part of the discussion here and also apple does not produce “even more systemd” also apple has -as of my experience- very other flaws i did not encounter in systemd (yet?) thus it’s clearly not an apple product.
usually at first you can do such, and later on, when a ceo wants more money, you then can buy that together with the new “pro” features actually nobody needs nor wants.
maybe better look for more stable solutions before they start acting like a broadcom ;-)
Before pointing to vulnerabilities of open source software in general, please always look into the details, who -and if so - “without any need” thus also maybe “why” introduced the actual attack vector in the first place. The strength of open source in action should not be seen as a deficit, especially not in such a context.
To me it looks like an evilish company has put lots of efforts over many years to inject its very own overall steady attack-vector-increase by “otherwise” needless increase of indroduction of uncounted dependencies into many distros.
such a ‘needless’ dependency is liblzma for ssh:
https://lwn.net/ml/oss-security/20240329155126.kjjfduxw2yrlxgzm@awork3.anarazel.de/
openssh does not directly use liblzma. However debian and several other distributions patch openssh to support systemd notification, and libsystemd does depend on lzma.
… and that was were and how the attack then surprisingly* “happened”
I consider the attack vector here to have been the superlfous systemd with its excessive dependency cancer. Thus result of using a Microsoft-alike product. Using M$-alike code, what would one expect to get?
*) no surprises here, let me predict that we will see more of their attack vectors in action in the future: as an example have a look at the init process, systemd changed it into a ‘network’ reachable service. And look at all the “cute” capabilities it was designed to “need” ;-)
however distributions free of microsoft(-ish) systemd are available for all who do not want to get the “microsoft experience” in otherwise security driven** distros
**) like doing privilege separation instead of the exact opposite by “design”
there was a study saying that there is not “the” best way of learning, but it is best to combine multiple ways, like with an app, by book, listening to audio only (i listened to radio stations via internet and got some exercise for free), a bit of talking, visiting a country that only speaks that language and so on. trying everything a bit in parallel.
that is because of our brain learns better when given more different types of “connections” to learn.
i started with duolingo (website only, not the app and only the free parts) 4 years ago and now i speak quite fluently. but i also partly read a book about grammatics, visited a spanish speaking country (more than once), viewed movies with only subtitle in my language and did lots of phone calls in spanish only.
my advice is:
look at free apps, whatever pleases you, take chances, listen to the sound (movies, radio), try to speak, and read easy books or go through exercise books.
duolingo is good to keep on going while not really motivated as the shortest thing that counts are really only minutes and one can choose to do something that is already easy. this way at least continuation is kept even if pace is down for a while. and it is much easier to go on with pace when not having really stopped.
HISTCONTROL=ignorespace
unset RANDOM
RANDOM=4
clear
...
If RANDOM is unset, it loses its special properties, even if it is subsequently reset.
HISTCONTROL If the list of values includes ignorespace, lines which begin with a space character are not saved in the history list.
RTFM can save your server AND your bet ;-)
it is cheating of course if the predefined rules tell us about such requirements and if these are not met any more when unsetting RANDOM ahead of it.
i have two other possibilities at hand, that do not involve two SSDs:
And if your company wants you to use rotten software, they also want you to give them the delays, downtimes and annoyances that naturally come with rotten decisions, just keep that in mind.
Here is one thing to remember and why i call it rotten software and rotten decisions:
Microsoft offers a free “blame the ransomware people” to any CTO who just wants to receive money without working at all or not having to “think” during work. That same CTO can get a bonus after “solving” the ransomware issue and then: “look how ‘invaluable’ that CTO is to the company” he “worked” for month ( yelling at engineers he previously told to install rotten software???) and resolved the ransomware issue!! This is same to those who work. no law has ever given people that many payed breaks from work as “rotten software” vendors did. and if you made a mistake and did not get trained before, you could blame bot beeing trained.
Look at it from a “fingerpointer” point of view, one cloud always blame someone else for everything and the only one to blame is too big to fail and also untouchable due to their army of darkness lawyers. thus anything happened? no one could be guilty AND be held responsible. Also if one is slow at work, and so is his OS, obviously easy to blame someone else again.
so microsoft offers a “solution” to “boss wants you to work more and quicker” but remember, that same boss only “needs” a cover for his own ass to be able to point to someone else and the ones creating the rotten software do deliver that ;-)
i do not know any better wording for such a situation than “rotten” thus i name it so.
that could come in veery handy once microsoft wants to pull some plugs. i guess we can be grateful for the backup that is 1. not 100% in m$ hands any more then and 2nd cannot be as easy destroyed as some backups at archive.org. i actually hoped for someone with enough money to create this type of security after m$ assimilated github and thought like “does nobody see the rising danger there?” but even if china’s great fork might be more reliable than m$ over time, maybe it’s better to have your own backups of all the things you actually may need in future.
btw did microsoft manage to get rid of the hackers that settled into their network for … how long??
i guess they’ll tell