Minwee - Slashdot User

Comment Re:What moron puts IPMI public facing? (Score 3, Insightful) 102

by Minwee on Friday June 20, 2014 @03:16PM (#47284107) Attached to: Supermicro Fails At IPMI, Leaks Admin Passwords

In increasing order of moron, here are a few ways that this can happen:

1) The IPMI may share the same port as the primary network interface.

2) You may have requested an expensive switching architecture with proper VLAN segregation, but your manager only approved you to take the old D-Link box from under his desk, forcing everything to be on the same segment.

3) The people who run the datacentre may have thoughtfully connected every Ethernet port they could find to your switch, even the one with that funny wrench symbol on it, without telling you. In many cases it's possible for a server to be purchased, received, installed, configured and put into production without any of its owners ever seeing it in person. Throw in a heavy dose of "It's somebody else's problem" all around and anything can happen.

4) In some organizations (and I'm not going to name any), IT policy like "All management ports must be reachable from our head office and the IT support desk in Hyderabad" is set by people who think that "security" means remembering to lock their Lexus.

Comment Re:Wha? (Score 5, Funny) 102

by Minwee on Friday June 20, 2014 @03:07PM (#47284033) Attached to: Supermicro Fails At IPMI, Leaks Admin Passwords

>That's pretty terrifying stuff!

It's pretty handy if you have 100 racks of 30 machines each and no monitor or keyboard on any of them.

And with SuperMicro BMCs, it's even more handy when you don't own any of them.

Comment Re:Wha? (Score 2) 102

by Minwee on Friday June 20, 2014 @03:06PM (#47284019) Attached to: Supermicro Fails At IPMI, Leaks Admin Passwords

SuperMicro built these PIN code locks with the correct code clearly printed on the side of the PIN entry panel.

What's even more frightening is what some of those codes were set to by the security conscious (or is that unconscious) people in charge of them:

[...] at the point of this writing, there are 31,964 systems that have their passwords available on the open market. It gets a bit scarier when you review some of the password statistics. Out of those passwords, 3296 are the default combination. Since I’m not comfortable providing too much password information, I will just say that there exists a subset of this data that either contains or just was “password”.

President Skroob's luggage looks like Fort Knox compared to these things.

Comment Whose press release was this copied from? (Score 4, Interesting) 51

by Minwee on Wednesday June 18, 2014 @02:28PM (#47264895) Attached to: Restored Bletchly Park Opens

Bletchley Park looked to its most valuable resource — the veterans who worked there

...and fired them for daring to show historic computers to visitors. And then kicking out the amateur radio society to replace them with a gift shop, and finally putting up a chain link fence to make sure nobody accidentally visits the real museum in building H.

The only reason the current Bletchley park management haven't levelled the place to put up a Starbucks is that the donors might notice and cut off their multi-million pound gravy train.

Comment Re:FP? (Score 2) 173

by Minwee on Thursday June 12, 2014 @12:27PM (#47222867) Attached to: The Government Can No Longer Track Your Cell Phone Without a Warrant

No they can't. Google fruit of the poisonous tree.

Google "Prove it".

Comment Re:I'm waiting for IPv7 (Score 2) 197

by Minwee on Wednesday June 11, 2014 @01:28PM (#47214043) Attached to: Latin America Exhausts IPv4 Addresses

Waiting for IPv7, I hear its going to be much better.

Whatever you do, don't settle for IPVista.

Comment They're doing it wrong (Score 3, Funny) 197

by Minwee on Wednesday June 11, 2014 @01:27PM (#47214035) Attached to: Latin America Exhausts IPv4 Addresses

This is a solved problem. As one of the smartest and most knowledgeable computer experts in the world, Stephen Fry, has said, all they need to do is register a .uk domain to generate new IP numbers.

Comment There is much more interesting news. (Score 1) 309

by Minwee on Tuesday June 10, 2014 @01:23PM (#47204287) Attached to: Was Turing Test Legitimately Beaten, Or Just Cleverly Tricked?

A 13 year old boy was also able to pass the Turing test, convincing a panel of middle-aged judges that he was an actual person.

Comment Re:No Good Deed Goes Unpunished (Score 1) 378

by Minwee on Monday June 09, 2014 @04:57PM (#47198095) Attached to: Kids With Operators Manual Alert Bank Officials: "We Hacked Your ATM"

Did "Bank of Montreal" not clue you in that this wasn't in the USA?

Why should it have? There are hundreds of BMO branches in the USA.

Comment Re:1984 eleventyoneone!!!! (Score 1) 378

by Minwee on Monday June 09, 2014 @04:48PM (#47198007) Attached to: Kids With Operators Manual Alert Bank Officials: "We Hacked Your ATM"

And then arrested if they were suspiciously taller than a policeman.

Comment Re:Not surprising. (Score 4, Funny) 378

by Minwee on Monday June 09, 2014 @04:37PM (#47197923) Attached to: Kids With Operators Manual Alert Bank Officials: "We Hacked Your ATM"

Not just in French, but with the French on top and in a larger typeface so that it is markedly predominant.

It's the law.

Comment Re:Because... (Score 1) 325

by Minwee on Friday June 06, 2014 @04:39PM (#47182777) Attached to: Fixing the Humanities Ph.D.

You can't have one without the other.

Comment Re:market at work (Score 1) 325

by Minwee on Friday June 06, 2014 @03:43PM (#47182291) Attached to: Fixing the Humanities Ph.D.

If people in this field actually tried to use this amazing insight to better the world, society might put more value in it.

Instead, they circle jerk amongst themselves with projects so bafflingly abstract that no one outside of their field gets any kind of value out of it.

There's no need to keep bashing on Computer Science here.

Comment Re:Are they taking advice from law schools? (Score 1) 325

by Minwee on Friday June 06, 2014 @03:39PM (#47182261) Attached to: Fixing the Humanities Ph.D.

But a reasonable period in academia of 4 or 5 years for a PhD should be enough to differentiate candidates and put them on that track or not, instead of leading people along for 7+ years before flushing them.

What, and give up three or more years worth of tuition, fees, and cheap labour? You're talking as if the goal of a University is somehow academic in nature, rather than to make as much money as possible.

Comment Re:Because... (Score 1) 325

by Minwee on Friday June 06, 2014 @03:33PM (#47182219) Attached to: Fixing the Humanities Ph.D.

I was never given the impression that my parents took me to little-league games for the purpose of that I might someday become a profession athlete. More likely, they just thought having some athletics would be beneficial, both socially and medically.

If only there was some sort of parallel with the study of things like history, art and literature here.

Slashdot Top Deals