It's that simple. Even with the patches, bash is still running the contents of environment variables through its general command parser in order to parse the procedure. That's ridiculously dangerous... the command parser was never designed to be secure in that fashion. The parsing of env variables through the command parser to pass sh procedures OR FOR ANY OTHER REASON should be removed from bash outright. Period. End of story. Light a fire under the authors someone. It was stupid to use env variables for exec-crossing parameters in the first place. No other shell does it that I know of.

This is a major attack vector against linux. BSD systems tend to use bash only as an add-on, but even BSD systems could wind up being vulnerable due to third party internet-facing utilities / packages which hard-code the use of bash.

-Matt

Depends on what PHP is doing. If it makes a call to system(), anywhere... No, you are not. (Assuming you have bash as /bin/sh - the BSD's don't, and some Linux distros don't.)

If it stays entirely within PHP, then you are. But that'd be a lot of work to double check - You need to check every line of code you run, and the php interpreter itself to see where it calls out.

From the Ars story on the article: Apparently there's some newish law that would keep them from commenting specifically on Section 215 - If they want to do aggregate disclosure they have to group it with disclosures under another law. (Section 702 - which we know they have received orders under, since it was in the Snowden files.) (They also have the option of doing non-aggregate disclosures, but they couldn't do it immediately.)

It's built into Android as well, typically accessible from the Setup/Security & Screen Lock menu. However, it is not the default in Android, the boot-up sequence is a bit hokey when you turn it on, it really slows down access to the underlying storage, and the keys aren't stored securely. Also, most telco's load crapware onto your Android phone that cannot be removed and that often includes backing up to the telco or phone vendor... and those backups are not even remotely secure.

On Apple devices the encryption keys are stored on a secure chip, the encryption is non-optional, and telcos can't insert crapware onto the device to de-secure it.

The only issue with Apple devices is that if you use iCloud backups, the iCloud backup is accessible to Apple with a warrant. They could fix that too, and probably will at some point. Apple also usually closes security holes relatively quickly, which is why the credit card companies and banks prefer that you use an iOS device for commerce.

-Matt

Assuming POP/IMAP and SMTP aren't blocked - which is even more likely to be the case than that the Gmail page is blocked.

Might work, but doesn't solve any of this guy's problems.

Sure. If the Internet service is that bad, I’m guessing it's some developing country that's nationalized the Internet. Therefore, they want you using their servers and services, because half the point is to make spying on you easier. Not particularly uncommon... (Often they'll only block it if it's encrypted or something like that.)

Actually, an iPad sounds like exactly what he's looking for: Locked-down, with specific functions accessible. There's even some provisions for remote maintenance by authorized personnel. (He'd have to get OS X server and configure things first, I think, but it should be possible.) Main problem is dealing with connecting it to a dial-up link.

You are making the assumption that Gmail isn't blocked, and that the users in question would be open to changing their email addresses.

Also, webmail over dialup has the distinct disadvantage of requiring you to be online to read your email. This ties up your phone line, and may cost money. Batch-download is normally a better solution over intermittent links: Connect to get your email, disconnect, read it, write replies, connect to send. Total time online: usually less than a minute.

1: It's wordy. Larry Wall's famous statement on it is: 'I knew I’d hate COBOL the moment I saw they’d used “perform” instead of “do”.'
2: It's Crufty. Lots and lots of odd corner cases that are there because it made sense in the 70's, as well as decisions that used to be standard: All variables have to be declared at the start of the program, for instance. (With strong typing.)
3: It's finicky. The position (not the indentation) on the line matters, you have to declare things like your input and output formats formally (and separate from where you use them), etc.

COBOL is an excellent example of design-by-committee and then 'accumulate features as needed'. It's object-oriented features are a great example: Bolted on as an obvious afterthought, at a weird angle from the rest of the language, but yes it can be used. It all works, and you can write programs in it, but it's like being forced to write a bad instruction manual.

What it can do that other languages can't, mostly, is run on Big Iron with legacy code from before I was born. It has some decent features for financial markets (decimal numerics are supported natively, for instance), but mostly it's that it's been in banks and big institutions for decades and it's cheaper (and less risky) to hire someone to support it than to hire teams to rewrite their entire codebase. It works, and has been working, basically forever in computer terms. My mom learned COBOL in college, on punchcards. The language hasn't changed all that much since then. (For good and bad.) It's unlikely ever to be 'cool', but it's also unlikely to go away anytime soon.

I read somewhere that not only was Comcast doing their hotspot crap, but that they will also be doing javascript injection to insert ads on anyone browsing the web through it.

Obviously Comcast is sifting whatever data goes to/from their customers, not just for 'bots' but also for commercial and data broker value. Even this relatively passive activity is intolerable to me.

Does anyone even trust their DNS?

Frankly, these reported 'Tor' issues are just the tip of the iceberg, and not even all that interesting in terms of what customers should be up in arms about. It is far more likely to be related to abusing bandwidth (a legitimate concern for Comcast) than to actually running Tor.

People should be screaming about the level of monitoring that is clearly happening. But I guess consumers are mostly too stupid to understand just how badly their privacy is being trampled.

There is a solution. Run a VPN. If Comcast complains, cut the T.V. service and change to the business internet service (which actually costs less).

-Matt

Possibly. But the short-term social disruption would not be something I'd like to witness.

And since the 'short-term' in this case is probably 'a generation or two', I'd have to be a witness. (Or dead.)

All it takes is a couple of people who 'aren't infected, just look' (there are a few days of little-to-no symptoms) to bribe some official to get on some plane or past a border check. We're a significantly more interconnected world today than even a hundred years ago - you don't need rats to spread things widely.

It's not a pandemic - yet. But it wouldn't take much for it to be one, and it would be major.

It depends partly on what features of ZFS you'll be using, and what types of performance you need. In general, you can run ZFS for an arbitrarily-large disk set with about 2GB of RAM - but you won't be using the memory cache features of ZFS much at all. The more ram you have available, the more it'll assign to the ARC (read cache). If you are running a media fileserver, where every read is a large file and is unique, then the ARC doesn't make much difference. If it's a webserver, where you read the same small files over and over, it's a huge difference. Things like compression and larger checksums also can take slightly more RAM.

The one real computable is if you try to turn on deduplication - you need something like 5GB of RAM per TB of data to be deduped, or performance goes to hell. This is to store the dedup lookup tables (which are put in the ARC) - if you can't fit them into RAM, every read/write adds having to read them into RAM, lookup where the data is, and then load the data. (Which can mean several reads per IO op.) Note that you don't have to dedup the entire dataset - it's on a per-filessystem basis. (And ZFS makes creating filesystems trivial.) Still, it's best to leave it off unless you have ungodly amounts of RAM to throw at it, and know you are storing heavily duplicated data.

That is a feature, not a problem.

There are multiple programs out there to restart demon processes, if needed, with varying amounts of notifications to the admin, and varying interfaces. You pick which works best for you. An embedded appliance may need a 'restart at all costs, write a log and forget about it' program. You may want your restart program to email you, while someone else may prefer a web interface to check status. Maybe some programs should only be restarted in specific circumstances.

The Unix way is not to try to be everything to everybody, but to pick a specific function and do it really well, in a way that lets others do the same thing in a different way if they find the need to do so.

(I'll admit the biggest red flag to me about Systemd is binary logs - that prevents many useful things, in my experience.)

Designing algorithms that play well in a SMP environment under heavy loads is not easy. It isn't just a matter of locking within the protocol stack... contention between cpus can get completely out of control even from small 6-instruction locking windows. And it isn't just the TCP stack which needs be contention-free. The *entire* packet path from the hardware all the way through to the system calls made by userland have to be contention-free. Plus the scheduler has to be able to optimize the data flow to reduce unnecessary cache mastership changes.

It's fun, but so many kernel subsystems are involved that it takes a very long time to get it right. And there are only a handful of kernel programmers in the entire world capable of doing it.

-Matt