* Posts by Wzrd1

2267 publicly visible posts • joined 7 Dec 2012

This weekend: Watch HOT STARS shower! Moon won't interfere

Wzrd1 Silver badge

"do note, that meteor showers are always best watched well after midnight, until dawn's early light"

When the rain shall strike one directly from above, save when driven sideways, owls shit upon you and the dew preferentially settles upon you.

For, in reality, that is frequently what happens, in varying degrees.

Only astronomers get all of the above when making observations.

Typically whilst being infested by bats and worse, reporters. ;)

Wzrd1 Silver badge

"I had practically written this yearly event off of my calendar because much as many of you, it's always cloudy/rainy/overcast for this event."

I'm in the US, in Pennsylvania, near Philadelphia.

I've long counted on clouds and highly probable rain whenever *any* celestial event occurs. Be it a meteor shower, eclipse, hypernova, doesn't matter. That is the day it'll be either pissing or shitting on us.

Except when I was abroad, when it was clear... :/

Wzrd1 Silver badge

"The dog shall have to cross his legs for an extra hour or so to ensure we head out for his nightly constitutional after sunset."

On notable occasions, we didn't cause the dog needless suffering, we simply let the dog take us out on an additional walk.

He paused a lot more, as did we.

ULTIMATE cuppa contenders prepare to go mug-to-mug

Wzrd1 Silver badge

I chuckle over the strange enthusiasm over ONE species of plant used for tea.

My own tea cabinet is full of tea leaf tea, catnip leaves, several mint species, saffron, black and green leaf tea (with jasmine and other flowers), chamomile, ginger and even artichoke teas.

I even have a stockpile of Twinings Earl Grey tea that is pre-2009 debacle of teas.

I also drink nearly a gallon of coffee per day.

After all, I am a US citizen. ;)

Admins warned: Drill SSL knowledge into your Chrome users

Wzrd1 Silver badge

Re: A fairly common example

I enjoyed a highly successful career as an Information Assurance Security Officer for a US military installation.

Highly successful in my book is not having accounts, users or data compromised.

Chief to that success wasn't brilliant strategy in firewalls, antivirus, patching or rolling bones under the right kind of smoke. It was educating the end user. It was also, as a last ditch effort, the firewalls, antivirus and patching (I'll not comment on bones and smoke, for fifth amendment reasons).

It was also reinforced by the pain in the dick method: End user gets infected or otherwise compromised (assuming no blackmail, as that was a criminal matter and handled by guys with guns and handcuffs), end user goes through the end user security awareness course. It is a mandatory course that takes a mandatory one hour to proceed through, with questions all along the way to ensure a real human takes the course.

It is also required annually for all users. Even myself.

So, once a year, I didn't want to even piss, it was that much of a pain in the dick.

We'll suffice it to say, the end user didn't re-offend, save once. That end user was reassigned by his commander, to infantry. (True story, even the installation commander took the damned course annually and once, twice in a year, due to clicking that which was trained against.)

Wzrd1 Silver badge

Re: Useless certificate system

"If you visit an ssl site, bring up a message saying who signed it and ask the user whether to add it as an exception."

And therein lies a failure mode.

Assuming the user isn't a blithering idiot.

Be they an end user or an administrator.

Such as one SA, who I caught reading his Gmail on a domain controller. Don't know where he ended up after, probably the CIO of the US Congress, as incompetence rises.

Wzrd1 Silver badge

Re: Useless certificate system

"Browsers should just point blank refuse to load content from a site with an invalid certificate. That'll be safer for everyone in the long run."

OK, way cool! So, no self-signed certificates are permitted, only deep pocketed authorities are permitted, if they decide down the road to sell a certificate for 100k a pop, so be it.

Ignoring certificate theft and spoofing or various other attacks.

WAY to pin a failure mode down to a small group!

Wzrd1 Silver badge

Re: Useless certificate system

"...without an airbreak system or multifactor authentication, ssl doesn't really buy much."

Airbreak systems are routinely broken by end users breaching the air gap, either by malfeasance or by good intentioned breach of security to more easily accomplish their job.

Multifactor authentication has also been breached, one I saw quite a bit of was using the middleware's utilities to bypass it.

By your standard, if a security model/system fails, it is useless. Might as well leave the fucking house doors wide open when you go to work!

Meanwhile, Chrome is exhibiting the same behavior as Firefox and Internet Exploder did in the past, easily permitting idiots to trust any damned site with a click through, rather than either convoluted methods to accept the site or triple or more clicks through today.

Wzrd1 Silver badge

Re: Useless certificate system

"I'm intrigued - how do you mount a man in the middle attack on smoke signals?!"

Get between them, preferably on a hill. Then, have a modestly large fire obscuring the original signal's smoke from the view of the receiving party and vice versa.

End users are a good source of such smoke...

Wzrd1 Silver badge

Re: Useless certificate system

"(although all the above are still vulnerable to Man in the Middle Attacks)"

I guess we have to go back to personal messengers, well known to both parties, with OTP codes to confirm they are who they appear to be and say that they are.

Or, we could simply accept the ramblings of the PFY and follow the sage commands of the BOFH. ;)

Wzrd1 Silver badge

"If you self-sign a certificate you should add it, via an out-of-band method, to your trusted certificate list so that you don't see any errors. If you don't, you're doing it wrong."

You are far more generous than I am, for I'd raise the question of competence for *not* doing it properly.

It's what I did on a regular basis as BOFH.

At least until I could place a certificate store in place and have it trusted by the enterprise.

Flippin' tosser: Sun's magnetic field poised to SWIVEL on it - NASA

Wzrd1 Silver badge

Re: should be very interesting to see its effect on Earth's weather

Sounds like a prime time to *not* go to Mars on a manned mission.

Wzrd1 Silver badge

Re: north/south, plus/minus

Well, to be technical, you are correct. However, there is the left hand rule of magnetism and the right hand rule of electromagnetism.

That said, the sun gets weird enough to throw all of that into a cocked hat due to the intense currents and magnetic fields tangled up and multiple dynamos created by plasma rivers deep under the surface.

It's complex enough to make every clustered Cray go tits up trying to compute it in its entirety.

Wzrd1 Silver badge

Re: Wake up - it's here!

"...so many geophysicists do, indeed, think we are on the verge of a terrestrial magnetic field polarity reversal."

Which will take many thousands of years before it begins in earnest.

Our observed magnetic field is actually the result of a number of tangles in the core magnetic field, which eventually snap and re-orient, which results in a magnetic field reversal (or occasionally, not).

Paleomagnetic data shows this happens over many thousands of years.

Of course, once it does, the mapmakers will have a field day selling new maps oriented to the new magnetic north (our current magnetic north drifts quite slowly).

Wzrd1 Silver badge

Re: Artists Impressions

True enough, one of the most cool images I saw was a rendering of the heliospheric current sheath of the solar system, with all of its spiral goodness.

http://en.wikipedia.org/wiki/File:Heliospheric-current-sheet.gif

Horrific moment curvy mum-of-none Mail Online spills everyone's data

Wzrd1 Silver badge

Re: Can't tell if trolling or just stupid

"It's also possible that humanity has gone mad. Or always was..."

As I happen to have the misfortune of knowing some who post such rubbish for the world to marvel at their idiocy, it's true.

The world's been long mad as a hatter and is currently moving rapidly downhill.

"It is better to remain silent and be thought the fool than to open one's mouth and remove all doubt."

Wzrd1 Silver badge

"Vote...and reproduce."

And "educate" their brood.

Even more scary.

The blind teaching the blind to paint the Mona Lisa.

Windows Phones BLAB passwords to hackers, thanks to weak crypto

Wzrd1 Silver badge

Re: Microsoft

"My my the AC turfers/fanbois sure were all over this quick. Something tells me the only reason WP is "uncracked" is the market share."

Not at all. Microsoft's shitty security remains my bread and butter securing it.

That said, I recall another non-bug, one that Microsoft threatened legal action against anyone who claimed it existed.

Until they couldn't keep their own servers up for more than 15 seconds, the ping of death.

Still, I'd rather teach a user how to navigate a DOS tree than deal with CP/M with end users.

Wzrd1 Silver badge

Re: Microsoft

"The certificate validation feature to fix this already exists in the OS and isn't being added - it's now a requirement for secure access rather than previously just recommended...."

As if a man in the middle attack, as is what is currently being done, can't be enhanced to validate a certificate from the corporate server.

Nope, that is impossible.

As impossible as walking on the moon, but less technologically challenging.

Super-SVELTE BLUSH-PINK planet goes too far with star

Wzrd1 Silver badge

Re: At last, real scientific method!

Because, it's always best to discard a theory before seeking reasons that one observation out of hundreds doesn't fit said theory.

It's not like binary or trinary star systems exist and one ends up ejected later. Not at all.

It's not like CO2 or methane is a greenhouse gas, not at all. The oil companies say they're not.

They don't recognise us as HUMAN: Disability groups want CAPTCHAs killed

Wzrd1 Silver badge

I have lattice degeneration, as well as partial posterior lens capsule opacity and moderate hearing loss and tinnitus secondary to an IED blast, I fucking HATE CAPTCHAs and wish bodily harm on those who insist on their use.

I'm now at the point where I avoid services that utilize the damned things, as I'd rather masturbate with a cheese grater than screw about with CAPTCHAs.

Wikileaker Bradley Manning's court martial verdict expected today

Wzrd1 Silver badge

Re: This is about a Soldier under an Oath of Fealty...

It is also made quite clear that officers enjoy the right to consider such things, enlisted scum don't get to ascertain such things.

The maximum an enlisted soldier, sailor, airman or marine can do is alert their congresscritter about any suspected unconstitutional or unlawful activities.

Interestingly enough, Manning uncovered nothing unconstitutional. Or do you think informant names in Iraq and Afghanistan is something unconstitutional? An Apache airstrike on armed men who were trading fire with US soldiers all morning? Perhaps the prisoner abuse (that *should* have been exposed and stopped)?

But, what would I know? I was only enlisted scum for nearly 28 years. You'd know more than I, based upon your vast experience acquired on your Twinkie encrusted sofa.

Wzrd1 Silver badge

Re: This is about a Soldier under an Oath of Fealty...How bout equal Justice!

"The oath doesn't consider what happens when a soldier concludes (justifiably or otherwise) that the US government is not an enemy of the constitution. That's what happened here."

He did nothing out of conscience. He sought vengeance for his upcoming involuntary discharge. US Army and US DoD regulations require that his access to classified data be revoked once he was flagged for deleterious personnel actions, of which involuntary separation from the service most assuredly is. That wasn't done, which permitted him to attempt vengeance by spilling massive amounts of classified data. Just as those regulations were written to avoid.

Whatever he rightfully is sentenced to, his commanders, intelligence officer and NCO and personnel officer and NCO should get double.

Wzrd1 Silver badge

Re: This is about a Soldier under an Oath of Fealty...How bout equal Justice!

Save that Manning and Snowden are unlike the President in that the President enjoys immunity.

Snowden is further different in that he swore only to an NDA that he violated.

Manning is different in that he sought vengeance for his pending discharge from the military.

Sorry, but five star fuckups and sad sack troops are not heroes. Presidents don't operate within a vacuum, they operate alongside of Congress.

And of course, Congress also enjoys immunity.

Wzrd1 Silver badge

Re: This is about a Soldier under an Oath of Fealty...

"Would you simply prefer that the Good Ol USA continue to spy on all and sundry at their pleasure....."

Do try to keep track. His spillage of massive amounts of classified data had nothing on US spying on anyone at all. The spying bit was Snowden, not Manning.

"Granted there should be an investigation on who allowed this dipshit to have access to the information he vomited out though."

I've been saying that from day one. Once he was flagged for deleterious personnel actions, regulations demand his access be immediately revoked. That was not done, which permitted him to act out on a desire for vengeance against the military that was involuntarily separating him from service.

His company commander, intelligence officer and NCOIC, personnel officer and NCOIC and battalion commander all should have been on the docket with him for dereliction of duty at a minimum.

Wzrd1 Silver badge

Re: This is about a Soldier under an Oath of Fealty...

"Isn't there something in that Oath about a soldier's duty to defend and protect the citizens of his country as well?"

Nope, the oath talks about defending the Constitution and laws of the nation, not the citizens at all.

The US Army oath of enlistment is available online, Google it.

He not only violated his oath of enlistment by disobeying the lawful orders of his superiors, he violated his sworn oath on his signed NDA for his security clearance.

Of all that he exposed, the only laudable thing was the prisoner abuse bit, which was thankfully stopped after.

The rest, informants names and addresses, an Apache gunship video of a strike against men with AK's and RPG's, diplomatic cables showing what diplomats *really* think about each other and assorted general diplomatic cable gossip proved of no utility for the nation or the world.

Well, save for those informant names, which were of utility to certain, rather unpleasant folks.

Wzrd1 Silver badge

Re: This is about a Soldier under an Oath of Fealty...

His company commander, battalion commander, intelligence officer, intelligence NCOIC and personnel officer and NCOIC all should have been charged alongside of him.

The lot of them are guilty of dereliction of duty for not revoking his access once he was flagged for deleterious personnel actions due to his upcoming involuntary separation from service.

Because they ignored those regulations, he still had access to classified data and did that which those regulations were designed to avoid.

Instead, it's even money that the lot of those five star fuckups got promoted instead.

Step into the BREACH: HTTPS encrypted web cracked in 30 seconds

Wzrd1 Silver badge

Re: "post cryptography?"

Which explains how cryptographic research continues, AES continues to be available, all other manner of cryptography is available.

It's all the Grand Conspiracy of the Space Aliens or Evil Government or some shit.

Geneticists resolve human dilemma of Adam's boy-toy status

Wzrd1 Silver badge

Re: Evolution ? Not for most Americans

"God must have created science to have something to laugh at or perhaps just to test our faith."

I've long been a deist. A deity refuses to micromanage a single species on a seventh rate planet on a third rate solar system (I'm being overly generous here).

Still, I'm convinced that the Platypus was a joke left to confuse and confound science. ;)

Wzrd1 Silver badge

Never met Fred, but I walked Ben Franklin to school and helped him fight off dinosaurs.

Or something. ;)

No, I'm not nearly that old, I only physically feel that old. :/

Wzrd1 Silver badge

"Mind you - some British schools also teach fairy stories as well."

When I was in high school, we had comparative culture and religion classes in our culture class.

Such stories would be considered valuable in those classes.

Not so valuable as a factual educational class.

When I was in school, we were educated in "the new math", which meant that we understood sets, subsets, statistics, etc. Hence, I can spend ages balancing my checkbook due to a lack in mathematical capability that is inborn, but can understand epidemiologists discussing their statistics.

Our children can balance a checkbook, but have zero clue about what statistics are about.

Wzrd1 Silver badge

"It's a pity you didn't spend your time in school learning how to spell or form a sentence correctly."

In part, I blame England for not documenting the language properly until after the American independence. In part, I blame the US educational system.

For my generation and a short period prior, I'd blame the former, after, I'd have to largely blame the latter.

As in when I went to school, my school had a donated observatory with a quite competent telescope, many electron microscopes, worked with live reagents in chemistry.

When our children went to school, one electron microscope was about and not available to students, the observatory was removed and destroyed, there were not reagents, only M&M's.

And that was on the "college preparatory" course level!

Wzrd1 Silver badge

Re: Really 0_Flybert_0

I have to give Ian this one.

During my over half century of life, I've watched a less than secular United States become secular, then begin to advance even to less than previous in secular, with near religious war ready to break out.

But then, there are people like me giving pause to the farthest of the right. For, when they "denounce" me as "liberal" and remind me of their guns, I initiate a comparison of firearms in our mutual collections. I usually win, when I don't, a mutual admiration of historic items defuses the idiocy. Then, we talk about austere environmental operations, then digress to protecting our kids and grandkids.

Fairly often, I win a convert. The rest of the time, the childless idiot, who frequently lacks a mate, is cowed.

If I can't get respect due another human, I'll accept fear.

For, what is operative is not what one *would* do, but what others perceive what you *may* do. ;)

Wzrd1 Silver badge

Re: I've watched Fox news

'"...humanity reaching the Americas"

Debatable'

Not debatable at all. Various groups arrived in the Americas in the ancient past.

Their groups were later diluted and nearly exterminated due to the poor behavior of some English subjects who later became revolting.

Wzrd1 Silver badge

Re: Reaching the Americas 15,000 years ago

You forget, the Clovis people died out and were replaced later.

That hints at two waves, one extinct and one surviving (well, nearly so, on reservations) today.

Mystery object falls from sky, area sealed off by military: 'Weather balloon', say officials

Wzrd1 Silver badge

I seem to recall some sonde units having an audio beeper to help locate the things.

Remember sonde units? They hang from weather balloons that monitor all manner of weather data.

Though, I'd not be surprised to see an NSA scrotum sniffer added on...

Wzrd1 Silver badge

Re: flagged it as a possible bomb.

Every military comms device I've seen tested was dangled from a helicopter. Less chance of losing it, greater control, as helicopters don't float away.

Of course, my experience is limited by a small sample size of a dozen classified devices being tested.

Wzrd1 Silver badge

Doubt a device meant for the troops was dropped over the USA, where a war is not going on.

Yet...

The left-right thing is rather tense.

Wzrd1 Silver badge

Strange that one weather balloon or swamp gas sample wasn't included, the SR-71.

Wzrd1 Silver badge

They *do* send up a lot of weather balloons to measure high altitude things. When one comes down unexpectedly in a populated area, shades of a Japanese bomb from WWII come to mind, as a family was erased by one during WWII.

Think even worse with a radiothermic generator, one really gets the hot and bothered look.

But, many will assume an NSA balloon that replaces the dozens of satellites that blanket the globe or something even crazier.

Security breach at Opscode as attackers download databases

Wzrd1 Silver badge

True, but I'm also dubious on that number.

Suddenly, masses of layers evaporated.

*So* not happening!

Now, real world version:

"We noted the attack and blocked it. It ended five minutes after our efforts.

The attack could still be continuing, it could be alive and well in the city of mention in the CDC report.

Highway from HELL: Volcano tears through 35km of crust in WEEKS

Wzrd1 Silver badge

Whenever I see that, I chuckle.

Magma is by nature hot. It's under immense pressure. Release pressure, that which might only be plastic ends up mixed gas and liquid matter.

I'll not go into local mixing due to oceanic pressure on the mass' movement upwards and the contribution of water to eruptions.

Facebook: 'Don't worry, your posts are SECURE with us'

Wzrd1 Silver badge

Re: HTTPS isn't all that

Funny, my wife was complaining about our communications while I was deployed with great outrage and annoyance and she-hulk mode objection.

I kindly reminded her of some software I had installed on both of our systems. Software that encrypted HARD all comms between us. Gave us lag, but also gave no middleman anything but shit and constipation.

She then recalled a report from the NSA that was unclassified and hence, was shared with her on my DoD network security posture.

We'll suffice it to say that both the evaluators enjoyed the experience, as did I. We both learned new tricks, but none revealed shirt sleeve tricks held under the cuff when needed.

Though, I did observe some really weird network traffic when they tried those cards on the DoD network...

Wzrd1 Silver badge

Re: PRISM

Chris, you obviously don't understand the protocol involved.

Have the key, the castle is yours.

Never saw an agreement with FB when I was military, but saw agreements with Google and other vendors that were reported recently (again).

Erm, this one is a no brainer!

Wzrd1 Silver badge

Re: Don't worry!

*My* data sources and encryption are secure. That said, I don't trust you enough to provide you security.

Of course, I don't trust myself and require second and tertiary physical oversight.

Security rule one, trust no one. Not even oneself, as all are known for moments of immense stupidity.

Wzrd1 Silver badge

Re: Ha Cyborg FB

Considering the number of phish messages/posts and various other attacks, I have to agree.

I've had to clean my wife's account three times, her computer twice.

Formatted and reloaded after a fixed period of no traffic that was untoward, which would be pretty much anything beyond java, adobe and my update server.

Wzrd1 Silver badge

Re: Ha

As the US government has contracts with multiple providers for their data, the easiest being providing keys, erm, big fat fucking deal, facebook! Just another PR ploy.

Shit, Skype sold off keys to multiple nations, as was reported three or so years ago.

Google has a contract with the US DoD.

Oh! Facebook doesn't. Can't be served a warrant either, since they're on Mars or something.

Snowden's XKeyscore revelations challenged

Wzrd1 Silver badge

Re: There is middle ground too

Or most accurately, hyperbole based upon some sparse documentation, more so than Snowden's statements.

But then, hyperbole and hysteria sells. Rationality does not.

Wzrd1 Silver badge

Re: There is middle ground too

"Likely the rest of us will never know the real truth."

The truth does lie between each extreme of claim in such matters.

In this particular subject, I can comment no further.

Hackers crack femtocells to pwn then clone phones

Wzrd1 Silver badge

"Though these vulnerabilities have been subsequently patched, the researchers are not confident in the continuing integrity of the femtocell as an architecture. This is because the hardware can never be totally locked down by the vendor, and so there will always be some kind of exploit, they reckon."

By their principle, no platform, be it desktop, server, router, switch or other device is worthy and should be abandoned, as *no* device is totally locked down by the vendor and any that might be would be rejected for security reasons.

So, as we can't trust anyone on anything, we should abandon all electronic communication.

Or gain a small sense of reality.