* Posts by Crazy Operations Guy

2513 publicly visible posts • joined 29 Jun 2009

AT&T grabs dictionary, turns to 'unlimited', scribbles it out, writes: '22GB a month'

Crazy Operations Guy

Re: Don't sell what you can't deliver! Increase capacity, DUUUH!

They can't expand the network... The wired side of the network has enough bandwidth, the congestion is on the wireless side. There is only so much data that can be passed over the spectrum set aside for the 4G technologies. The only way to actually increase bandwidth using modern technology would be to turn down the power on the towers and start building a lot more of them closer together.

Shedload of security bugs squashed in iOS 9 – what the hell went wrong with iOS 8?

Crazy Operations Guy

One big fix that iOS 9 fixes

The cynic in me believes that they waited until a major release like this so that anyone still using a device that can't upgrade to 9 will now need to buy a new device to remain safe.

Uber is killing off iconic black cabs, warns Zac Goldsmith

Crazy Operations Guy

Re: Is that a tragedy?

Indeed. Once on a business trip I took a Black Cab from Heathrow to downtown London, and the bill from that killed my transport budget for the rest of the week. Took Uber on the way back and ended up with a bill less than a quarter the cost, plus it was easier to get to my destination as I typed it rather than tell my destination to some guy who sounded like he was trying to swallow a bag of marbles...

Microsoft's 'anti-malware Device Guard' in Windows 10: How it works, what you need

Crazy Operations Guy

Many core processors

I've always wondered why nobody bothered doing this in hardware. You'd have a couple real-time processors set aside for the OS and hardware interfacing, each one of which has its own dedicated memory (Possibly even dedicated chips) and then you'd have all the user stuff run on a huge cluster of standard processor cores. That way the OS is fully protected and immune to even cache-poisoning attacks since it runs on what is essentially dedicated hardware. The Real-time chips could access both sets of memory, but the application cores can only access the shared memory.

A theoretical system would work like the following:

-A user application would simply dump a set of requested actions into the shared buffer (e.g., I need this file, draw this in my window, or send this packet to the network). The process would then send an interrupt to the OS, and the OS looks up the various system calls put through by the application process and either performs the action or denies the process based on some security process running simultaneously with the kernel.

-If an application requests a security-sensitive action, the OS itself could halt the application processors and run a check on the requesting process's memory space to verify it hasn't been tampered with and is trusted. If those checks pass, then the request is granted, else the request is denied and the anti-virus engine is called into action. The ability to stop the app cores while the OS still runs would be so very valuable in killing malware or even just preventing something from spoofing the OS.

-With enough cores, it could be possible to have every hardware driver run on its own core to interface with its associated piece of hardware. A single real-time core per PCIe lane or other interface would be sufficient to handle a system's needs. Each 'Driver' core would also come with its own bit of memory. This way the system would even be immune to hardware failures; the core running the driver would just need to be kicked. Hell, you could even support hot-swapping the video card...

Android 5 lock-screens can be bypassed by typing in a reeeeally long password. In 2015

Crazy Operations Guy

Re: And nobody considered...

Seriously... Sensitive security processes like that should take the kernel with it if it crashes and force the device to reboot. Any time a process like that crashes, then it should be assumed that the whole OS is compromised. Besides, a buffer overflow like this could be used as a handy code-injection method, especially since it'd be running under root and all...

Even NT4 would do that (if lsass.exe crashed, the system would immediately bluescreen)

Microsoft throws crypto foes an untouchable elliptic curveball

Crazy Operations Guy

Re: Good stuff!

Microsoft is really a couple different companies that happen to have the same name. The R & D groups tend to be given boatloads of cash to spend on whatever they want while some of the other groups are beaten down and forced to crap out code at the direction of the marketing and management overlords.

PRIMITIVE TOOLS found near MICROSOFT headquarters

Crazy Operations Guy

Re: They died out when

Except the iPencil proves that Apple only recently discovered tools...

Intel's 6th gen processors rock – but won't revive PC markets

Crazy Operations Guy

Re: Too many processors will confuse the market

Indeed. What is the difference between an Atom C2xxxx chip, a Pentium, a Core i3, and a Xeon E3?

Iranian hackers ease off on US after friendly nuke chats, says NSA

Crazy Operations Guy

Or that is just what they want you to think

Maybe it's some other country that was carrying out the attacks but tapered off in order to implicate Iran. Or maybe the attackers have just found a much more subtle attack method, or succeeded in getting some kind of APT into some secure networks and no longer need to perform direct attacks.

</tinfoil_hat>

<head>

...

C5 tablet-using newsreader hotness

Crazy Operations Guy

Re: Obvious really, its...

El Reg really needs an age verification system...

3D printer blueprints for TSA luggage-unlocking master keys leak online

Crazy Operations Guy

Move baggage claim to a secure area

I've never understood why baggage claim is in a public area right next to all the transportation. I could understand it 20 years ago when the only things that people put in packed luggage were clothes and toiletries, so there was no interest in grabbing anything from a victim's bag. But now, we have to check pretty much everything due to insane security restrictions, so there is now a lot more valuable stuff that can be grabbed from them. US airports have those "point of no-return" gates, so why not add a second set just after baggage claim? It'd greatly reduce the number of stolen bags and no one could bring a bag back into the "secure" area.

Although I've always thought that they should set up automated kiosks where you scan your boarding pass and the machine spits out your luggage.

Feeling ripped off by your ISP? It's getting cheaper to pipe your packets globally

Crazy Operations Guy

$2 million pa for a 10GigE port

Excluding bulk discounts, that would be about right. Consider this scenario and it will make a lot of sense:

--In a metropolitan area an ISP may have 1 million customers; they provide each customer with a 20 Mbps link and charge $25/month for that link. This would produce $300 million per year in income for a theoretical 240 Gb/s (valued at $480 million of bandwidth), meaning a loss of $180m in just transit cost.

That is the theoretical, however very, very few people actually use up all the bandwidth they pay for, so:

--Based on the fact that most ISPs have a 500 GB/month data cap, which works out to just under 0.2 Mb/s per connection. So now feeding that much bandwidth would only take a 2.4 Gb/s link for transit, so 2x 10 Gb/s links would be more than sufficient to handle spikes and heavy users. So this theoretical ISP would be receiving $296m in income after transit fees are subtracted.

Now consider that the ISP is also probably doing quite a bit of packet optimization and that a lot of packets don't actually leave their own network given their peering agreements with the big bandwidth consumers, and you see that $2m per year for a 10 Gb/s connection is nothing for them.

Crazy Operations Guy

Re: Pivot

Most of the Dark Fiber left only works at the 100 Mb/s level or lower. Long distance cables are a lot more than a piece of glass; there are repeaters every 100-200 km, and those are the bottleneck. Since it takes about the same amount of energy to power a 100 Mb link as a 10 Gb link, companies are just laying new fiber that can accommodate 1,000-10,000x the bandwidth with the same operating cost, which is why NSPs are making mountains of cash while their fees keep falling. It works out that if they replace a piece of fiber with 10x the capacity, they can easily charge half as much but make 5x the profit (assuming 100% usage), and even subtracting the payments on the loan to lay the cable, they still come out on top with a nice profit increase.

As for those old fibers, a lot of them have failed over time, and the rest get leased to companies to run private site-to-site links (mostly telcos for their long-distance back-hauls given the guaranteed bandwidth).

US braces for WW3 with Cyber Command 'Vision' of integrated cyberops

Crazy Operations Guy

Split the roles apart

I've always thought that the NSA and CyberCom need to be dissolved and re-built from the ground-up, each holding a different role:

--A defense agency that does purely defense, no offensive or criminal investigative roles, just ensuring that our infrastructure is up to snuff, blocking malware from coming into the country, doing security testing of various products, and producing security software for the people. This group would also run the central infrastructure for the US and the only group with access to the taps on the submarine cables (Specifically for installing malware firewalls, DoS/DDoS mitigation systems, and IDS / IPS type systems)

--An offensive agency that does all the intelligence gathering and attacks against foreign enemies

--A cybercrime investigative agency that would handle the investigation of computer crimes involving American citizens, and work with the varying police agencies and the justice department to ensure that computer crimes are handled properly.

Of course there would also be the requirement for any communication between the agencies to be fully reviewed and given the capability of review. Obviously crimes reported by the defense agency to the investigative agency would be handled like a standard criminal case, so there would be the proper amount of privacy in there; it would of course be open for judicial review, unlike the Intelligence Services Court.

The internet's Middle East problem: Who is going to do something about Whois?

Crazy Operations Guy

Verification at the registrar level

My solution for this would be to require the registrars to verify the identity of the person registering the domain (this would also stop people from using stolen credit cards to register malware domains). For privacy, the WHOIS data could either contain the name of the person that verified the registrant or the registrant itself, if they wish to remain anonymous.

They should also standardize the protocol so that it can be easily digested by browsers and the like. With this, I also propose that an additional field be added to WHOIS: a section on who is responsible for the certificates the website uses, and the Root authority of where that certificate is supposed to come from. If verification of ID is required anytime the WHOIS data is changed, it would help prevent spoofing a website since the cert wouldn't match the info in WHOIS.

Attention sysadmins! Here’s how to dodge bullets in a post-Ashley Madison world

Crazy Operations Guy

Re: BYOD...

Mobile devices were allowed for the simple reason that if we allowed the users to play on their own kit, they were far less inclined to try and get around the protection we put in place.

Crazy Operations Guy

Re: BYOD...

Indeed. One of my favorite clients put a ban on BYOD. You can plug your devices into the guest wireless all you want, but that network is a completely separate network from the corporate network and is connected to the internet using a business account from the local ISP.

As for the corporate network, all internet access requires a whitelist exception for both endpoints. Any exception also requires that whoever owns the remote system sign a contract that requires a 3rd party annual security audit.

For remote access, it must be done on a company-issued laptop that has had secure boot turned on (which only has a key for the company-customized / compiled Linux kernel). All the smartphones are set up to proxy all voice and data traffic through a company-run proxy / PBX. That way if anyone wants to have access to their personal stuff and work stuff, they carry two devices. Besides, devices are so small and light nowadays that there really isn't an excuse for not carrying a second one.

--goddamn do I love defense contractors...

Crazy Operations Guy

Re: but you have to prevent the use of Chrome

Any place that does MitM packet inspection would block any encrypted packets going out the internet that couldn't be read. People using Chrome would be completely screwed and might complain, but then IT would just list Chrome as unsupported software and just go about their day. Security will always trump the preferences of the users.

Plus, the enterprise version of Chrome allows installing whatever root CA you want, so companies could still do all the packet scanning they want while only inconveniencing people that installed their own copy.

Ashley Madison made dumb security mistakes, researcher says

Crazy Operations Guy

5-8 character DB passwords?

That is amateur hour right there... DB passwords are something that gets copied/pasted and usually just sits in a config file, so why not make the thing as long as the DB will support? Maybe the DB admins for AM just really wanted to believe that 5-8 is really long and more than sufficient...

DSSD says Violin's right: SSD format is WRONG for flash memory

Crazy Operations Guy

PCIe storage makes me nervous

Given that there is no controller between the servers and the storage in this architecture, I get very nervous. You now have a very, very high-speed bus connecting all of your systems with absolutely no security involved. A single server compromised means that they all are. Plus given the way PCIe is built, any single compromise means that now that compromised server has access to all of RAM for every other machine connected (This is why I hate external interfaces with DMA).

This platform is only as secure as the weakest system connected to it, assuming you could trust those machines in the first place.

Security concerns aside, shaving milliseconds off of storage access is pointless in nearly every case. The biggest slow-down in applications is inefficient code, improperly used cache, and terrible architecture. I've seen so many installations that were slow because long ago someone decided to do multi-tenancy on a database server and rather than split things off, they just kept throwing hardware at the problem where eventually all of your web applications are hitting the same database server cluster, where each node now has 4x 16-core/32-thread processors, 1-2 TB of RAM and disks like the ones mentioned in the article to run hundreds of unrelated web applications when it would have been so much more cost effective to run 1-2 VMs per application to host each database.

We asked a maker of PCIe storage switches to prove the tech is more interesting than soggy cardboard

Crazy Operations Guy

A solution looking for a problem

Unless you're storing all of your data on NVMe SSDs, you aren't going to see a performance increase vs. just plopping the NVMe drives into the server chassis to cache your connection to the remaining drives hooked up via SAS / infiniband / Ethernet.

NVMe drives may be faster than a single SAS-attached SSD, but not twice as fast. So if you're sharing an NVMe array, you end up with less speed for an extreme increase in price and complexity.

Besides, any right-minded sys admin would get really nervous at the concept of an external interface having unfettered access to both the CPU and RAM.

Google Adblock shock a load of cock – users mock post hoc

Crazy Operations Guy

Simple solution for google

Just place the ad right into the stream of the video itself so that users either get both or neither. This whining about ad blocking is getting ridiculous and is hurting quite a few people. I suppose they wouldn't do something like that because lawyers are cheaper than processing power and they don't give a fuck about the collateral damage.

EU digi bloke: Come ON Europe, you're not TRYING ENOUGH

Crazy Operations Guy

" about 40 per cent do not use any at all."

So only 40% of European companies have an intelligent CTO? Sounds about right...

Files on Seagate wireless disks can be poisoned, purloined – thanks to hidden login

Crazy Operations Guy

@ Anonymous Blowhard RE:"independent testing and certification agencies"

Before my confidence in government was destroyed, I figured that that should be the role of the NSA / GCHQ / etc. They are tasked with cyber defense, so it would be logical that they'd be tasked with ensuring that the average citizen stayed safe when connected to the internet, especially now that the United States would suffer far more damage from a misplaced semicolon in router firmware than from the Pentagon getting nuked.

Sexy sock puppets seduce security suckers

Crazy Operations Guy

Re: I don't have a LinkedIn

As a consultant, I've found it to be pretty useful. I keep in contact with various people at my clients so that I can predict when they'll need me again to work on their systems (upgrades, capacity increases, etc) and keep a few weeks open for when their management calls me back. Then it helps again on-site in that I can ask my former co-workers if they've seen the problem I've been running into at the customer site.

OFFICIAL: Zuck's BIG in-your-face Facebook Messenger SHOVE finally pays off

Crazy Operations Guy

"Get an iPhone."

So your solution to 'My phone is running out of storage space' is to buy a phone that lacks the ability to expand its storage space?

128TB SSD by 2018? Toshiba promises much, delivers ... a little

Crazy Operations Guy

Re: Dear SSD manufacters

Indeed, I've seen a lot of 2U, 3U and 4U servers that could've easily been 1U if they used 2.5" drives. A 2.5" disk takes up a mere eighth of the space of a 3.5" disk. The only reason 3.5" disks are still around is the price / GB advantage they have over their smaller counterparts.

Stench of confiscated dope overwhelms Catalan cop shop

Crazy Operations Guy

It's more than possible. It's a common problem in marijuana dispensaries. THC itself is an oil that can evaporate at room temperature; it just does so at a relatively low rate, but when you have thousands of plants all emitting a tiny amount of vapor each...

Linux Foundation releases PARANOID internal infosec guide

Crazy Operations Guy

Re: OpenBSD / Laptops

Most of the time, I forgo Firefox in favor of SeaMonkey; uses a lot fewer resources while supporting the same add-ons, plus it has a mail client built into it.

Crazy Operations Guy

Safe data destruction

That is why I made friends with a deep-sea fisher. Every few months I go out on a trip with them and throw my old disks (sans top covers) into the Pacific beyond the continental shelf. I challenge anyone to get to my information once it's been subjected to 10 million Pascals of pressure and the salinity of the ocean, let alone recover that 20 cubic inch object from millions of square kilometers of thick muck.

Crazy Operations Guy

OpenBSD / Laptops

I have a lot of luck running it on older Lenovo laptops; the (S)L410 runs like a dream with all hardware supported (my company just surplussed a couple thousand of the bastards, so you can probably pick them up for 50-100 bucks depending on specs).

As for security, I've found that OpenBSD + XFCE + Firefox (With the recommended extensions) is much more resistant to Metasploit than a Debian install with the same software.

Crazy Operations Guy

Thermite vs. Thermate

They are different chemical compounds with the same effects:

https://en.wikipedia.org/wiki/Thermate

NVIDIA reveals GPUs for blade servers, Linux desktop support

Crazy Operations Guy

Re: Open Source?

It's always bothered me that there isn't some kind of standard instruction set that video cards must support. I figure that the PCIe working group should enforce such a thing before a video card can get a PCI ID, such as requiring that a card support a specific version of OpenGL using a well-known byte-code / mnemonic to execute such instructions. Especially make it so that GPUs could still execute a wide range of 3D operations without needing a driver, but a driver could be used to support advanced features.

This would be similar to the way CPUs work where the OS will run smoothly without a driver, but isn't able to use the accelerated encryption instructions or media streaming bits until a driver is installed.

Met Police to slash hundreds of IT jobs, hands £216m outsourcing gig to Steria

Crazy Operations Guy

"exploit low-income areas to keep wages low"

The biggest problem with that plan is that it only works short term. The funny thing about throwing a bunch of money at poor people is that the areas they live in end up becoming nice areas with skilled laborers that now require much higher wages (sometimes higher than what you were paying the in-house people).

Crazy Operations Guy

Merging police forces

This would greatly simplify things if they did this in the US, since you end up with crazy crap where if a passenger assaulted the crew member of a taxi traveling between New Jersey and NYC, it would be under the jurisdiction of 9 agencies:

-NYPD - happened in NYC

-New York County Sheriff - not technically in the city

-NY State Patrol - Occurred on infrastructure operated by the state Department of Transit

-City, county, and state police departments from New Jersey

-The US Coast Guard - happened on a boat

-FBI - Interstate crime

-Homeland security - could be declared terrorism

Malvertising maniac messes MSN, serves corrupted creative

Crazy Operations Guy

Re: And they are

Keeping it a civil offense would be a better move. In a criminal case, the burden of proof is on the prosecutor to convince a jury that the defendant is guilty beyond a reasonable doubt. Whereas in a civil trial, the burden is on the defendant to prove that they are innocent beyond a reasonable doubt (this is why OJ Simpson walked free in the criminal trial but was found guilty in a civil court). In a criminal court, the defense attorney would just need to argue that the victim's DNS settings or the routing of the packets were tampered with and the malicious code came from a faked website (in which case the prosecutor would need to gather every packet from the transaction to actually prove that the code came from the defendant's servers). Besides, a private citizen cannot gain anything from a civil trial, so any fines or punishments would go right to the state.

What is really needed is a bunch of high-end lawyers working on such a case pro bono to counter the lawyers the large advertisers employ. You'd also need some large organization to shoulder the burden if the case is lost (in the US, the loser pays the legal fees of whoever wins).

Google makes it official: Chrome will freeze Flash ads on sight from Sept 1

Crazy Operations Guy

"why would disabling Flash- or making it click-to-play- break it?"

Simple: the JavaScript that loads the video and makes the decision to use HTML5 vs. Flash simply detects the presence of the Flash plugin rather than checking if it works. Properly checking for Flash would take an unnecessary amount of time since you'd have to wait for it to time out before you can declare it non-functional, or risk throwing errors all over the place.

Video streaming services tend to prefer Flash since it's had more time to mature, and Flash running on one platform works just as well as Flash on a completely different one, whereas different browsers implement HTML5 differently.

Facebook profiles? They're not 'personal data' Mr Putin

Crazy Operations Guy

Embassies in datacenters

I wonder if it'd be possible to pay an ambassador to declare a square meter of space in a datacenter as official property of their country, kind of like an enclave...

Krebs: I know who hacked Ashley Madison

Crazy Operations Guy

Re: Thunderstruck

But there are so many other songs that would be much better suited for the breach. "What do you do for money, honey?" popped right into my head, you also got "Caught with your pants down" and dozens of others that would've fit better than Thunderstruck...

White Stork mates with ISS, delivers bundles of resupply joy

Crazy Operations Guy

RE: dehydrated beer

But there is plenty of urine up there already...

Even 'super hackers' leave entries in logs, so prepare to drown in data

Crazy Operations Guy

Re: Super hackers might leave entries in logs

Or just not bother disguising the IP. It's trivial for an attacker to just proxy their connections through a rented botnet, so even knowing the correct IP would be pointless (what are you going to do, call up some random schmuck in Brazil / China / India and ask them to send you their computer so you can trace the attack?).

And it begins: Ashley Madison bonk-seekers urged to lawyer up

Crazy Operations Guy

It's a paid service, so you'd need their credit card details too. Possible if you wanted to smear the other person in a divorce case, but not nearly as easy as just signing them up for one of the free dating services...

Crazy Operations Guy

Probably because all the women blocked the first one because he is just so damn creepy.

It's incredibly easy to bump someone off online, and here's how to do it – infosec bod

Crazy Operations Guy

Back-date a birth certificate?

I wonder if it'd be possible to back-date a birth certificate... Fake your own death and take the identity of someone that just happened to have also been born around the same time as you. Of course fooling biometrics would be a bit of an issue, but then you'd just create a new ID in another country that doesn't share data with the country you were born in. But then there is also the issue that you'd no longer have a degree, or a diploma for that matter; although there are plenty of schools that have shit for security...

Hack a garage and the car inside with a child's toy and a few chips

Crazy Operations Guy

Rolling codes

Given the bit-length that the key fobs are using, it shouldn't take too long to grab enough codes to start predicting the next in the series. The key fob would be using a very low-power micro-controller, so the algorithm would need to be pretty brain-dead simple. The problem is that both sides have to arrive at the same code (or at least the vehicle would have to calculate the expected code + 50 or more to account for presses of the fob when it was out of range). So given that, the algorithm would fall pretty quickly to a GPU-powered AWS instance.

Of course I wouldn't put it past auto-makers to just burn a 1K long string into the micro-controller and then just puke out 12 bits from there, grabbing 2 bytes at a time and throwing 4 of them away (first time take the first 12 bits, second round ignore the first bit, take the next twelve, etc). It'd theoretically give you 4096 codes before re-use (and make full use of the 12-bit space).

Emergency-service comms omnishambles worsens as HP dives for the door

Crazy Operations Guy

Probably better without HP in the running

HP is collapsing, might not even be around for the required amount of time...

Symantec selling Veritas to private equity firm – report

Crazy Operations Guy

What makes you think it will still exist?

Veritas would probably be worth a lot more if they just killed it and sold all their patents and trademarks to whoever wanted them.

IBM GATE-CRASHES chip world, boldly exclaims: 'We've cracked the 7nm barrier'

Crazy Operations Guy

" pull an Apple and do everything yourself"

Apple actually do very little outside of marketing and making pretty cases. Board design is outsourced to India, the chips are fabbed by various 3rd parties, everything is put together by Chinese factories, most of the software is either out-sourced or just taken from the NetBSD project, and even most of the logistics are handled by third parties. The only things they really do are design the non-functional mechanical bits, run a couple shops, and market the hell out of everything.

Lizard Squad kid bandit who did 50 THOUSAND HACKS dodges cooler stint

Crazy Operations Guy

Force him to clean up every system he compromised

Just have everyone mail him their routers and have him re-flash them all on his dime (Or at least grab the money from the seized funds) and not let him do anything else until he has cleaned up every single system, even if it takes him so long that the machines would be thrown out anyway.

Awoogah: Get ready to patch 'severe' bug in OpenSSL this Thursday

Crazy Operations Guy

Re: Older version safe?

I'm assuming that it was one of those fixes that plug one hole but accidentally open another, like a function that goes through a loop where the result is an off-by-one error in some uses, but is needed in others.