Comment Kernel.org may not bother with clean wipe (Score 2) 183

by mindbuilder on Saturday September 03, 2011 @07:13PM (#37299044) Attached to: Kernel.org Attackers Didn't Know What They Had

Disturbingly they seem to have considered not wiping and reinstalling.

System is being verified from backups, signatures, etc. As of right
now things look correct, however we MAY take the system down soon to do
a full reinstall and for more invasive checking.
(emphasis added) John 'Warthog9' Hawley
Chief Kernel.org Administrator http://pastebin.com/BKcmMd47

It appears that the chief kernel.org system administrator is so naive about security that he doesn't even realize the absolute necessity of a full wipe and reinstall after compromise of such an important site. It also appears that there was no routine booting from read only media to check system files and startup scripts for changes. And no daily rootkit scan. If it was me, I would trash the motherboard for fear of BIOS or other firmware contamination. Exploits living on the firmware of network cards and other places have been demonstrated.

21560406 comment

Comment Re:vodka (Score 1) 95

by mindbuilder on Saturday June 11, 2011 @05:26AM (#36409710) Attached to: Russian Lie Detector ATM

>voice rec dont work if you are drunk up on vodka

Voice recognition of lies doesn't work at all. So it seems these bankers have fallen prey to a kind of ATM ripoff before they even deployed these ATMs.

21345402 submission

Submission + - ISPs Consider World IPv6 Day Giant DOS Attack (potaroo.net)

Submitted by mindbuilder on Wednesday June 01, 2011 @12:30AM

mindbuilder writes: Geoff Huston, chief scientist of APNIC, is saying that part of the reason for World IPv6 day is that internet content providers are worried that carriage providers are going to take advantage of the transition to widespread NAT to somehow control access to their customers and make content providers pay extra to carriage providers.

Carriage providers on the other hand see World IPv6 day as almost like a huge denial of service attack against their networks. Among other things they’re worried that they will be swamped by expensive tech support calls as customers can’t get to their favorite web sites. Some carriage providers are planning to block IPv6 traffic on World IPv6 day to protect their networks.

Meanwhile, the fact that many ISPs pay extra for equipment to put millions of internet users behind NAT and TAKE AWAY IPv4 addresses, even though they could get IPv4 addresses practically for free, makes it look to me unlikely that a lot of ISPs will pay extra to do the opposite and give out IPv6 addresses any time soon.

21226134 submission

Submission + - OpenSSL Timing Attack Steals Private Keys (threatpost.com)

Submitted by Trailrunner7 on Thursday May 26, 2011 @11:48AM

Trailrunner7 writes: Remote timing attacks have been a problem for cryptosystems for more than 20 years. A new paper shows that such attacks are still practical and can be used to steal the private key of a TLS server running OpenSSL. The researchers, Billy Bob Brumley and Nicola Tuveri of Aalto University School of Science, focused their efforts on OpenSSL's implementation of the elliptic curve digital signature algorithm (ECDSA), and they were able to develop an attack that allowed them to steal the private key of an OpenSSL server.
In an interview, Brumley says that the attack is just a symptom of other problems. "Perhaps the scariest part is that the piece of code introducing the vulnerability has been in the library since roughly 2005. This shows that identifying timing attack vulnerabilities is a daunting task. This isn't the first timing attack vulnerability discovered in OpenSSL, and I can guarantee it won't be the last."

21204726 submission

Submission + - Proof IPv6 Will Never Take Over (ripe.net) 1

Submitted by mindbuilder on Wednesday May 25, 2011 @03:30PM

mindbuilder writes: Internet Service Providers can today get IPv4 addresses for all their customers practically for free (except recently in the APNIC region). Yet the ISPs still put hundreds of thousands of users behind NAT. They do this to spite the extra equipment costs of NAT. If they're willing to pay extra to NOT give customers IP addresses, Why would they want to pay extra to upgrade their systems and give away IPv6 addresses, any time soon?

21204140 submission

Submission + - Will IPv6 never be adopted? (ripe.net)

Submitted by mindbuilder on Wednesday May 25, 2011 @03:07PM

mindbuilder writes: It is said there are ISPs with hundreds of thousands of users behind NAT. I used to assume this was because they had to pay a small but non-negligible fee for IPv4 addresses. But someone pointed out to me that you get all the addresses you want for a low yearly fee. The difference between the fee for small ISPs and the biggest ISPs is only about 3000 Euros. That seems negligible for a large ISP, even one in a poor country with fierce competition, especially when you factor in the cost of NAT equipment and management.

So the question is: If they can get IP addresses now for nearly free, why don’t they? If they don’t want the IP addresses, are they even going to care when IPv4 addresses run out? Is the incentive to give customers IPv6 addresses ever going to overcome whatever disincentive there is now to give customers IPv4 addresses? Will we have to wait multiple decades before they decide to enable IPv6?

20284640 submission

Submission + - Asia Has Officially Run Out of IPv4 Addresses (apnic.net)

Submitted by mindbuilder on Thursday April 14, 2011 @06:53PM

mindbuilder writes: The Asia Pacific and Australia region has officially run out of Internet protocol version 4 addresses today. Actually they have a few left but they've begun their "final eight policy", so addresses will only be dolled out in tiny quantities over the next several years. Even regions with addresses still available will be effected by this because making contact to computers in the APNIC region will get harder as more APNIC users have to start sharing addresses from behind NAT. If you or your family are in the market for a wireless router or other network gear, be sure to look for IPv6 compatibility.

19822278 submission

Submission + - Asia runs out of internet addresses next month (potaroo.net)

Submitted by mindbuilder on Saturday March 19, 2011 @06:03PM

mindbuilder writes: At the rate the Asia pacific region has been consuming IPv4 internet address this year, it is expected that they will run out before the end of April, and perhaps closer to the beginning of April. Even if your region will still have addresses available, the sharing of addresses using NAT that will be necessary in the APNIC region will cause communications problems for users in every other region trying to contact APNIC users. Therefore it would be best if users in every region start moving to IPv6 as soon as possible.

2684519 comment

Comment Re:Wow... (Score 1) 569

by mindbuilder on Friday June 27, 2008 @12:10AM (#23962469) Attached to: The Fight To End Aging Gains Legitimacy, Funding

>500 years from now, just think how out of touch the elderly will be!

People will learn to keep themselves updated better.

What is this strange thing that makes people want to deny the likelihood of curing aging within the next few decades? I saw a survey of doctors that reported that the doctors thought that the average life expectancy a hundred years from now would be only about a hundred years. That means those doctors thought aging wouldn't be cured for more than 200 years! What on earth possesses people to think that progress will be so slow?

« Newer Older »

Slashdot Top Deals