Posts by Crazy Operations Guy

Not a new problem

Back during the halcyon days of the internet, it wasn't uncommon for attackers to modify log files.

More recently, I worked for a manufacturer that was producing one of those toys that people were trampling fellow shoppers to get their hands on it. One of the assembly line drones hired to fill production gaps made his way into the factory mainframe. He patched the DB libraries so that finished products from his coworkers would be credited to him, earning him substantial performance bonuses. The data was also altered so that units built by him would appear as rejected by the inspector and thrown in the reject bin, but would really be going into his pocket, where he'd sell them for ~$500 a piece on eBay. The "rejected" units would be attributed to a random assembly drone and marked as being inspected by a random inspector.

All the production numbers, QA numbers, and inventory control would be in line with each other at the end of the day, so no one noticed. The guy ended up defrauding the company for close to $350,000 in bonuses and in proceeds from the stolen property. We only found out after attempting an upgrade to the db software and the diffs for the libraries wouldn't apply properly (since he messed with the lines being used to determine the proper context for line changes)

When are those laser-comm satellites supposed to be ready?

I can;t wait until they start deploying those laser-based comms satellites. We really need a second method of getting data across the water, the massive cables are fine for the bulk of it, but a backup in case something like this happens, is really needed.

Really should be other methods of anti-counterfeiting

Maybe they should use some kind of two-factor authentication or something? Maybe cut a certificate for each attendee and equip the badges with an NFC-enabled smart card rather than just a standard tag. Or maybe integrate the processor for their two-factor tokens and only make it readable via NFC. Or I"d assume that they would have some kind of anti-copying badge product meant for producing secure ID cards for employers.

RSA is a massive security conglomeration, why aren't they acting like it?

WiFi vs. cellular

I don;t care too much about Ads on WiFi, but I certainly do on cellular. I've noticed that one of the apps I was using would download ads intended for non-mobile devices, then shrink it down on the phone. Nothing kills a data plan faster than grabbing a 20 MB chunk of video every 5 minutes over the air...

It'll look good next to the 56 Gbps FDR Inifniband card running FCoE in my DB servers to our fiber-channel SAN...

Never change production equipment

The beauty of cloud /virtualization seems to escape Google. The proper way of working on something like this would have been to spin up a new DC with the changes needed, then slowly move stuff from another DC to it. Once everything is moved, you perform the changes on the now-empty DC, and once done, move the machines over from another DC. Allows for keeping the machines fresh and timetables can be shifted without affecting production.

Medical imaging

It'd be so useful for medical staff where just looking at patient would bring up their scans and properly overlay the images so any internal damage appears on the skin, or in a way that the patient looks translucent. Maybe add some kind of facial recognition and a brief synopsis of the patient's records so that doctors can ensure they are giving treatment to the right person.

I'd also like to see something that tracks surgical objects during surgery so that any foreign object is highlighted in the surgeon's view so they don't forget about their materials. A ridiculous number of people have experienced severe surgical complications because someone left a sponge in their abdominal cavity. There've also been cases of scalpels, forceps, retractors, and sorts of other tools left inside patients. I've personally had the end of a suction hose left in after my appendectomy, luckily it was close enough to the surface that it caused an obvious bulge under my skin.

Mozilla has also allowed other bad certificates

Looking at Mozilla's list of authorized CA's in Firefox, noticed several bad authorities still getting updated with certs for several different country's intelligence agencies, including PM/SGDN - IGC/A (The French intelligence agency that was caught issuing fraudulent *.google.com / *.gmail.com certificates a few years back).

The worst part is that Firefox re-adds them whenever it updates. I've gone the route of setting up a proxy server that does crypto re-encapsulation so all my clients just see the one certificate. My proxy only trusts a very small number of vetted Certificate Authorities.

Why use robots when the country just got a whole flood of cheap humans

Its probably cheaper to hire Syrian refugees than to buy and maintain adaptable robots. I have no problem with that, since the additional employees mean a higher tax revenue and a higher GDP, which benefits everyone.

All had saved the US going through the much lengthier MLAT (mutual legal assistance treaty) process.

Then perhaps they should just figure out how to streamline the MLAT process and scrap SCA / LEADS / ECPA. I'd rather that justice moves a little slower than risk violating the basic human rights of foreign citizens...

Completely pointless anyway

The phone itself wasn't even the property of the killer, but rather a device given to him by his employer, the City of San Bernardino. He had two other phones, both of which were destroyed. The probability of there being anything remotely useful is practically nil, who would be stupid enough to put information about the attack they were planning on a device owned by their target when they had two other options already in use? And if it did contain anything useful, why didn't he destroy it like the other two phones?

What really bothers me is how much attention has been paid to Apple rather than the IT department that failed to properly deploy Mobile Device Management software onto everyone's phones. They had such software installed on the vast majority of the phones they were given to employees anyway, so there was no reason why the Killer's phone wouldn't have it (in which case the city could've just reset the password themselves and none of this shit would've gotten anywhere close to the fan)

Defeating the purpose

"With abuse-based blocking, we need solutions to enable precise filtering beyond IP address blocking of Tor exit nodes, so that benign Tor users don’t have to suffer from the abusive actions of other Tor users sharing the same exit node." ®

So the solution is to implement would be some sort of token to identify users to differentiate them as 'trustworthy'; which would be kind of defeating the purpose of Tor as an anonymizing service...

Scope of the study

What geographical regions did they study? If they were just studying Amazon and eBay within Israel, then I'm surprised that the gap was only 20 cents on the dollar.

A proper study would've broken it down by region, if not country. Gender inequality is definitely a cultural thing and ignoring that make the data less than useless. Who does it help when you combine gender data from a place like Saudi Arabia or Afghanistan, where you're likely to see an eBay auction -for- a woman; and a place like Sweden or Germany, which were founded on the concept that if you can cleave a Roman's head in two with a battle, you're a warrior no matter what is in your pants.

Funny how there seems to a correlation between sexism and how theocratic a country is...

"causing damage estimated at over $300,000."

Its a hospital, the human cost is far more important than the cash. Besides, $300,000 is nothing to a hospital's IT budget since anything they buy has had its price inflated by at least a factor of 10 due to it being 'medical grade'...

Easy way to identify a fake

If an email or SMS message is claiming to be from a government agency, its obviously a fake; governments are too incompetent to use any technology made after 1965; seeing as no politicians seems to know how one of those new-fangled 'comm-poot-ors' work and all.

I worked as a contractor for the Senate for a while, there are far too many senators that have their staff print all their emails so that they can read it, and then have their secretary dictate a response. I personally knew of 5 of them that did that and I heard about several others from the other IT folk while I worked there. One of them is a prominent member of several computer/telecom related committees...

Upgrade by uninstalling

No security software is far better than this piece of crap. At least by going bare, the user would be a bit more cautious rather than relying on the AV to protect them.

Really, remote support should be relayed through an SSH connection with the support person sending their public key to the user to be supported. The support application would then add that to the authorized_users file, which is normally left completely blank. The support certificate would be created by a CA set up for that purpose and its public key added to the AV product. This way, the VNC server remains fully secure until its needed, and when they do connect, bot ends can be validated. No passwords to deal with, just secure connections. And the certificate the support person is using could be made single-use by revoking it once the end user confirms the ticket is closed and the issue fixed.

" project costed at $2.5m"

How is it possible that Wikipedia goes through money so quickly? Are they burning it to heat the building? Seriously, it seems like every other week they're begging for more money...