greglarious - Slashdot User

Comment sorry, not sorry (Score 1) 239

by greglarious on Monday September 04, 2017 @11:49PM (#55139417) Attached to: Oracle Staff Report Big Layoffs Across Solaris, SPARC Teams

Having spent years struggling with Solaris instability for java (see madness linking required kernel patches to JVM upgrades) I honestly cant think of a single aspect of it that I miss. Regarding SPARC, I remember the JavaOne conference where Intel engineers sat side-by-side with Sun JVM engineers to describe their partnership to delivery the best Java performance ever. I also remember switching a specific Java application from SPARC to Intel with no other changes and seeing at 23x performance boost while lowering hardware costs. Not missing a single thing about SPARC either. Perhaps my experience was a fluke. Are there many people out there productive and stable using SPARC and Solaris? I had always assumed the entire market segment was maintaining legacy systems in situations where there was no money to move forward with modern choices.

Building a Honeypot To Observe Shellshock Attacks In the Real World 41

Posted by timothy on Thursday October 02, 2014 @11:39AM from the distract-them-with-fresh-targets dept.

Nerval's Lobster writes A look at some of the Shellshock-related reports from the past week makes it seem as if attackers are flooding networks with cyberattacks targeting the vulnerability in Bash that was disclosed last week. While the attackers haven't wholesale adopted the flaw, there have been quite a few attacks—but the reality is that attackers are treating the flaw as just one of many methods available in their tool kits. One way to get a front-row seat of what the attacks look like is to set up a honeypot. Luckily, threat intelligence firm ThreatStream released ShockPot, a version of its honeypot software with a specific flag, "is_shellshock," that captures attempts to trigger the Bash vulnerability. Setting up ShockPot on a Linux server from cloud host Linode.com is a snap. Since attackers are systematically scanning all available addresses in the IPv4 space, it's just a matter of time before someone finds a particular ShockPot machine. And that was definitely the case, as a honeypot set up by a Dice (yes, yes, we know) tech writer captured a total of seven Shellshock attack attempts out of 123 total attacks. On one hand, that's a lot for a machine no one knows anything about; on the other, it indicates that attackers haven't wholesale dumped other methods in favor of going after this particular bug. PHP was the most common attack method observed on this honeypot, with various attempts to trigger vulnerabilities in popular PHP applications and to execute malicious PHP scripts.

Comment inflexibility feeds bitter rant (Score 1) 608

by greglarious on Wednesday July 09, 2014 @06:28PM (#47420145) Attached to: Normal Humans Effectively Excluded From Developing Software

i have been a happy, geeky, non-autistic developer for 2.5 decades
love the fresh new concepts entering my work world every year
proud of the way this profession has matured

the author's notion of "normal human" sounds like someone unwilling or unable to work to develop their talent. that might be common but it is not admirable.

computer science is young and will remain a fast-evolving frontier for many decades. as it is slowly tamed, less adventurous souls may participate. until then, anyone needing a profession where they can safely apply a set of unchanging, formulaic solutions learned in school would be advised to look elsewhere or be born far into the future.

Slashdot Top Deals