WTF Bites
-
So. Apparently some computer crapped out some 1000km from here, and as a consequence I get to spend another 30-40 minutes squeezed into a cattle class economy seat before we can take off. Modern technology is awesome.
What did they blame it on? Because only case I can imagine that really being the case (since I suppose if was after chocks off) is if an ATC system went down and that would be really unlikely with the backups they have. If they blamed it on “flow control”, that is actually there being more aircraft that they can direct around while being sure they won't hit each other up there already. Some airspaces are that busy.
-
What did they blame it on?
I just finished reading an article on it and so far they haven't said specifically what the cause of the malfunction was. Just that the system that ties together all of Europe's air space controllers went down, and in addition they lost all flight plans filed after a certain time, which had to be re-filed once the system was rebooted.
Some airports were restricted to 10 take-offs per hour while the system was down, which is a ludicrously small number.
-
@bulb They didn't say much more at the time, other than there being some problems with the computer systems at the party responsible for coordinating all flights in Europe and that this is located in Brussels.
I briefly looked through a couple of different news articles, and couldn't find much more than what @blakeyrat already mentioned. The agency in question is called "eurocontrol", so if you search for something along the lines of "eurocontrol computer problems" you'll probably find a few news articles.
I didn't see a huge amount of delays being posted at the airports today, so I don't know how bad it was in the end. Might have missed the worst part, though.
-
@timebandit said in WTF Bites:
@heterodox said in WTF Bites:
I can't tell if this Web site is supposed to be facetious.
From the website
Holey Beep is just a simple privilege escalation bug.
Please run this command to find out: curl https://holeybeep.ninja/am_i_vulnerable.sh | sudo bash
If your computer is vulnerable it will beep.Run a command with
sudo, if it works, you're vulnerable.
$ curl https://holeybeep.ninja/am_i_vulnerable.sh #!/bin/sh # TODO: Backdoor this machine? modprobe pcspkr beep -l 1000 -r 3 -f 44000
-
-
@heterodox said in WTF Bites:
Not malware, it just beeps three times at them but it's still annoying.
To cats, mice, bats and dolphins, maybe. The
-f 44000says to beep at 44kHz, which is well above the limit of human hearing and at the very high end of dogs' hearing. If it will even work; the man page says the value must be in the range 0 < N < 20000. I don't happen to have a Linux/UNIX machine available to see what happens if you give it a value that is out of the valid range.
-
@blakeyrat said in WTF Bites:
Just that the system that ties together all of Europe's air space controllers went down, and in addition they lost all flight plans filed after a certain time, which had to be re-filed once the system was rebooted.
Wow, that sounds like a huge fuck-up.
-
@timebandit said in WTF Bites:
Run a command with
sudo, if it works, you're vulnerable.The URL is under HTTPS, so I know I'm safe!
-
@heterodox said in WTF Bites:
I can't tell if this Web site is supposed to be facetious.
Holey Beep said:
How can I detect exploitation?
Did you computer beep in unexpected situations? We recommend to install microphones to detect malicious activity.
Can my antivirus detect or block this attack?
[...] the attack may be detected by comparing the sound of a vulnerable computer to the sound of an unaffected computer. Listen carefully. [...].
Nope, definitely serious...
Filed under: Please don't make me add sacasm tags
-
Signing up for the Microsoft Developer program (to put apps on the Windows Store):
Somebody goofed (see down by the Next button). Could be that the web portal for that is really really screwy in any browser but Edge; Safari is better than Chrome (non-functional), but not great.
-
@hardwaregeek said in WTF Bites:
I don't happen to have a Linux/UNIX machine available to see what happens if you give it a value that is out of the valid range.
It opens an http listener serving the entire contents of your RAM, unencrypted. That's the vulnerability.
-
@hungrier this can be avoided by using
beep -I(note thatbeep -lwill format/dev/sda)
-
@hardwaregeek said in WTF Bites:
To cats, mice, bats and dolphins, maybe. The
-f 44000says to beep at 44kHz, which is well above the limit of human hearing and at the very high end of dogs' hearing. If it will even work; the man page says the value must be in the range 0 < N < 20000. I don't happen to have a Linux/UNIX machine available to see what happens if you give it a value that is out of the valid range.Ah. I misread it as 440 Hz (A4).
-
@bulb
dd-mm-yy HH:MM:SS zzzzis a WTF to you? You need to get out more.Of course it is! Should be using four digit years.
-
I swear this thing has zero consistency.
https://i.imgur.com/dhxeorb.png
-
@pie_flavor said in WTF Bites:
I swear this thing has zero consistency.
https://i.imgur.com/dhxeorb.pngWhat thing? Use your words, Ben!
-
-
Garmin, maker of expensive sports devices, has recently added achievements to its platform. In true parochial style, here are a few of them
In Polish they are literally translated rather then functionally, but even in English they're stupid. Who switches units on their device?
Bonus
I run more than a mile every single time but as my device is in metres the achievement doesn't unlock.
-
@coldandtired said in WTF Bites:
Who switches units on their device?
as my device is in metres the achievement doesn't unlock.
It's like the solution is staring you right in the face
-
@hungrier As one of the achievements is to run the marathon in Kansas in a couple of weeks I don't think I'll be trying too hard to 'get the plat' ;)
-
-
It's downloading over my data plan and I can't stop it.
-
@pie_flavor said in WTF Bites:
It's downloading over my data plan and I can't stop it.Disconnect from Data.
Edit: Though, shouldn't that not count against your data plan? If so, dick move by your carrier, those things can weigh in the gigabyte+ range...
-
The Holey Beep site had a patch file that was itself an exploit. Feed the file to some versions of patch and they would cause a part of it to be executed by sh.
-
-
@tsaukpaetra said in WTF Bites:
@pie_flavor said in WTF Bites:
It's downloading over my data plan and I can't stop it.Disconnect from Data.
Edit: Though, shouldn't that not count against your data plan? If so, dick move by your carrier, those things can weigh in the gigabyte+ range...
What? I've never heard of a single carrier that didn't count system updates against the data quota. Usually they try to count anything they can...
-
@tsaukpaetra said in WTF Bites:
@pie_flavor said in WTF Bites:
It's downloading over my data plan and I can't stop it.Disconnect from Data.
Edit: Though, shouldn't that not count against your data plan? If so, dick move by your carrier, those things can weigh in the gigabyte+ range...
What? I've never heard of a single carrier that didn't count system updates against the data quota. Usually they try to count anything they can...
Verizon doesn't. Neither does Fi
(N.B: VZW used to count them. Somehow they actually gave in to popular demand)
-
@tsaukpaetra said in WTF Bites:
@pie_flavor said in WTF Bites:
It's downloading over my data plan and I can't stop it.Disconnect from Data.
Edit: Though, shouldn't that not count against your data plan? If so, dick move by your carrier, those things can weigh in the gigabyte+ range...
What? I've never heard of a single carrier that didn't count system updates against the data quota. Usually they try to count anything they can...
forever ago when I had an at&t phone (and they were still doing updates) an OTA update didn't count against your data plan. It was also the only way to get an update as well, natch. I would have noticed if my phone suddenly incurred a $200 overage fee.
-
@sloosecannon said in WTF Bites:
@tsaukpaetra said in WTF Bites:
@pie_flavor said in WTF Bites:
It's downloading over my data plan and I can't stop it.Disconnect from Data.
Edit: Though, shouldn't that not count against your data plan? If so, dick move by your carrier, those things can weigh in the gigabyte+ range...
What? I've never heard of a single carrier that didn't count system updates against the data quota. Usually they try to count anything they can...
Verizon doesn't. Neither does Fi
(N.B: VZW used to count them. Somehow they actually gave in to popular demand)
The NB is wrong. I checked and they counted it.
-
@sloosecannon said in WTF Bites:
@tsaukpaetra said in WTF Bites:
@pie_flavor said in WTF Bites:
It's downloading over my data plan and I can't stop it.Disconnect from Data.
Edit: Though, shouldn't that not count against your data plan? If so, dick move by your carrier, those things can weigh in the gigabyte+ range...
What? I've never heard of a single carrier that didn't count system updates against the data quota. Usually they try to count anything they can...
Verizon doesn't. Neither does Fi
(N.B: VZW used to count them. Somehow they actually gave in to popular demand)
Well I mean I'm in Germany where mobile (or any kind, really) internet is a luxury so maybe that's just not a thing here. Everything counts against your data quota here, unless you buy one of those streaming packages. Then specific app data (Spotify and similar) doesn't count (but if you reach your quota any other way, the data included in those streaming packages is limited the same as normal data). Or you could get one of the rare actually unlimited contracts for over 100€ a month. But eff that -_-
-
@tsaukpaetra said in WTF Bites:
forever ago when I had an at&t phone (and they were still doing updates)
And that's the thing — from what I gathered that's how you get most, if not all, OTA updates in the US, from your carrier.
No such thing in Europe, we get all updates from the phone manufacturer itself, so it's just regular traffic as far as the carrier is concerned.
-
@greybeard said in WTF Bites:
The Holey Beep site had a patch file that was itself an exploit. Feed the file to some versions of patch and they would cause a part of it to be executed by sh.
I was wondering about that. The web page mentions that one would hear a beep after the patch applies. I assumed shenanigans with '\a', but apparently not. (Also, TIL, that path apparently uses ed. Heh.)
I have to give it to the holey beep folks. That is pretty hilarious. :-)
-
@tsaukpaetra said in WTF Bites:
forever ago when I had an at&t phone (and they were still doing updates)
And that's the thing — from what I gathered that's how you get most, if not all, OTA updates in the US, from your carrier.
No such thing in Europe, we get all updates from the phone manufacturer itself, so it's just regular traffic as far as the carrier is concerned.
Yeah but tbh, the way our carriers work, they'd still count it against your data anyway XD
-
I'm trying to "switch" cell service providers, except all I'm trying to do is go from O2 to a subsidiary of O2's where my work has some kind of deal.
number one: For some reason, when you're registering with the subsidiary, they ask for your SIM number. Of course, that's on the part of my SIM that I cut off when I was turning the ancient Mini SIM into a Micro SIM. Why the hell do they want that, though?! They're going to send me a new one anyway!
number two: I found the other part of the card and copied the number off of it. Then they asked me for a "CVOP" - a unique number that your old provider has to give you when you tell them you want to leave, so you can keep your number. EXCEPT THE OLD PROVIDER IS THE SAME AS THE NEW ONE, GOD FUCKING DAMMIT!
number three: In an attempt to avoid an hour-long conversation with some call center drone trying to sell me unlimited calls for "real cheap" to keep me from """switching""" I went to visit O2's sales point in person - there's one in a mall where I usually get my groceries, anyway. So I walk in there, explain to the guy what I want, he takes my info, verifies my identity... everything's going fine, he's trying to sell me random shit but he's not too pushy. Then he grabs the phone and starts calling someone who can approve the request for me, because that makes total fucking sense. The someone asks to talk to me, AND STARTS TRYING TO KEEP ME WITH THEM DESPITE ME NOT FUCKING GOING ANYWHERE! NO I DON'T WANT A PACKAGE WITH FIVE TIMES THE DATA FOR TWICE THE PRICE YOU STUPID WHORE, FUUUUUUUCK
number four: Eventually they generate the number, I sign the form saying I'm terminating my service with O2, and the guy asks me if I want a printed copy or if it's fine to only send it by e-mail. Well, if you send it in a mail, I don't really need a physical copy, do I? I only want one number off the form, after all.
WRONG, MOTHERFUCKER. Almost immediately after leaving the store I got a text with a password because apparently the form is encrypted. Ok, fine. Problem is, this was yesterday and this is all I ever got, the e-mail never got to me. What I think happened is gmail just threw it away, because the form was in a zip file with a really crazy random filename and gmail blocked it, maybe? It's not in my spam either, and the "My Documents" section on their self-service portal eventually shows empty after loading for like a minute.So now my cell service is being canceled and I can't switch to the """new""" ISP because O2's systems were designed by a brain-damaged Hitler clone.
-
@tsaukpaetra said in WTF Bites:
Edit: Though, shouldn't that not count against your data plan? If so, dick move by your carrier, those things can weigh in the gigabyte+ range...
Last year, when we went on vacation, my brother's netbook decided to use the tethered mobile connection to do a major windows update the minute we crossed the German border. He was not amused.
-
-
subsidiary of O2
You mean a virtual operator on O₂, not a subsidiary, don't you? I don't think N₂ has any subsidiaries.
-
switching mobile providers
Here in Canada, last time I changed providers all I had to do was sign up with the new one, and they took care of everything else (porting my number, cancelling my old service, etc). I did it in person at a mall kiosk, and pretty much by the time I got to my car in the parking lot the new service was already active.
-
EXCEPT THE OLD PROVIDER IS THE SAME AS THE NEW ONE, GOD FUCKING DAMMIT!
No, it's not. It is a different operator, except that it is a virtual one on top of the previous one. Does not matter, it is a different one and the process works the same.
AND STARTS TRYING TO KEEP ME WITH THEM DESPITE ME NOT FUCKING GOING ANYWHERE!
Well, you are. They'll get a lot less money from you through the virtual operator than directly.
I believe it is a Czech speciality, but the telecom service prices of bulk deals for companies are way lower than those for end users. As in order of magnitude or more. The result of that is that many large companies order more than they need and resell the surplus to random people, for much less than the operator themselves, but still with quite good margin.
Of course the fuck-up with failed e-mail is bad. Not that you could expect much better from O₂—or any other Czech telecom operator—though. They all suck. Badly.
-
@bulb I think it's actually a subsidiary, it's called "O2 Family".
@hungrier Yeah but you're not going to enjoy the immense sense of accomplishment like I will IN TWO FUCKING MONTHS WHEN IT ACTUALLY HAPPENS
-
@bulb I think it's actually a subsidiary, it's called "O2 Family".
to go looking it up in company register right now.
-
I think it's actually a subsidiary, it's called "O2 Family".
That makes sense. A different VNO would be much easier because they'd have a fully separate billing process.
-
@bulb Their website is a subdomain of o2.cz and looks the same as O2's, the footer says
Provozovatelem eshopu je společnost O2 Czech Republic a.s.
And https://or.justice.cz/ias/ui/rejstrik-firma.vysledky?subjektId=715786&typ=UPLNY says the current sole proprietor (?) is O2 Czech Republic, a.s. They're both registered at the same address, too.
-
@blek Ok,
are they up to‽
-
Germany where mobile (or any kind, really) internet is a luxury
Wut
Last time I went, I paid more than five times for a GB on LTE than I do in fucking Laos. And let's not talk about coverage …
-
@laoc When I went a few years ago I got a sim card with IIRC 3 GB of data included for pretty cheap, at least compared to anything you can get in Canadia.
-
@laoc When I went a few years ago I got a sim card with IIRC 3 GB of data included for pretty cheap, at least compared to anything you can get in Canadia.
Whow. I've never been to Canada but I suppose you guys have some astronomical infrastructure costs compared to ze Germani.
-
When I went a few years ago I got a sim card with IIRC 3 GB of data included for pretty cheap, at least compared to anything you can get in Canadia.
if you switch to wind you can get that for cheap with only 25% of the network coverage
-
For some reason, when you're registering with the subsidiary, they ask for your SIM number. Of course, that's on the part of my SIM that I cut off when I was turning the ancient Mini SIM into a Micro SIM.
Can't you access that from inside the settings area? Phone info / status / whatever?
-
@boomzilla said in WTF Bites:
For some reason, when you're registering with the subsidiary, they ask for your SIM number. Of course, that's on the part of my SIM that I cut off when I was turning the ancient Mini SIM into a Micro SIM.
Can't you access that from inside the settings area? Phone info / status / whatever?
It's probably the
IMSI. That's the number used to identify your SIM card to the network (and most companies record, and run checks against, the IMEI.)Or maybe
(but unlikely to be)theICCID. This is the 19?20 digit number typically physically printed on the SIMWon't be the
IMEIThe
CVOPmentioned sounds like what we in the UK call aPACfor mobiles orMACfor broadband - essentially a time limited, simplistic, passcode the company you're leaving gives you to give to the company you're going to (which presumably goes full circle to enable the transfer to complete.)
* in much the same way that the first few numbers of a credit card identifies the provider.
#894667 - beep: CVE-2018-0492 - Debian Bug report logs
