In other news today...
-
@izzion said in In other news today...:
@Benjamin-Hall said in In other news today...:
Hope everyone's vCenter (VMWare) servers are up to date:
If sys admin was a licensed occupation, exposing a vCenter server to the Internet should be grounds for immediate and permanent disbarment.
That was pretty much my first thought:
Hope everyone's vCenter (VMWare) servers are ~~up to date~~ not exposed to the internet:
-
Amazon strikes again
Edit: WARNING: auto-playing video
-
You had one job...
-
Florida coyote got more than it wished for:
-
@JBert said in In other news today...:
You had one job...
Maybe they forgot the "H". Everyone hates Henry.
-
@dcon said in In other news today...:
@JBert said in In other news today...:
You had one job...
Maybe they forgot the "H". Everyone hates Henry.
And at least some British dialects drop the H anyway. They were just being phonetic.
-
@JBert it reminds me of this gem from my home town which made national headlines.
-
@Dragoon said in In other news today...:
Temperature-controlled focus point? Yeah, those precise heating and cooling elements are totally going to be easier to make than mechanical controls...
-
@TimeBandit said in In other news today...:
I started reading the article, and had a feeling I've already read it before... Then realized it's from a year ago.
-
@JBert said in In other news today...:
You had one job...
-
@DoctorJones said in In other news today...:
it reminds me of this gem from my home town which made national headlines.
At least it has all the right letters…
-
@Gąska There are tons of these misspelled signs painted on the road. The most often reported reads either SHCOOL XING or SCOHOL XING. (Y'see, the irony is that the messed-up word refers to education....)
-
@TimeBandit said in In other news today...:
Stolen credentials are one of three possible avenues of attack SolarWinds is investigating as it tries to uncover how it was first compromised by the hackers, who went on to hide malicious code in software updates that SolarWinds then pushed to some 18,000 customers, including numerous federal agencies.
Other theories SolarWinds is exploring, said SolarWinds CEO Sudhakar Ramakrishna, include the brute-force guessing of company passwords, as well as the possibility the hackers could have entered via compromised third-party software.
With that password, I expect a brute force attack to go pretty fast. But if the password was available online, a well funded state actor probably got it there.
Also blaming an intern... There shouldn't have been a password to leak to begin with.
-
@Carnage said in In other news today...:
There shouldn't have been a password to leak to begin with.
I still find it incredible that so many pieces of software come with default passwords that can't be changed (because of client software that relies on the password being what it is, or operational processes, or training materials) and that are obviously shared among installations. I find it doubly incredible that people put these systems on the open internet.
-
@Carnage it's pretty clear that they haven't had any pen testing, as that should have been highlighted on day 1. They can't blame an intern for that!
Also, someone should have been reviewing the work of said intern.
-
@DoctorJones said in In other news today...:
@Carnage it's pretty clear that they haven't had any pen testing, as that should have been highlighted on day 1. They can't blame an intern for that!
Pen testing is kind of a lottery. If you have improperly configured common components like Glassfish or somesuch, it's almost certain it will come up. But if it's your own code, then a pen tester—who does not understand the application much—might or might not notice it.
Also, someone should have been reviewing the work of said intern.
This. And not just normal review, but specifically a security review. Have some basic threat model, derive a list of potential attack vectors from it, and then check the code (and/or setup) for presence of suitable controls preventing them.
Threat modelling and security review is more efficient than pen-testing when it's your code and all you've got is some security conscious senior developers, but nobody really specialised in security testing.
-
@Bulb said in In other news today...:
Have some basic threat model, derive a list of potential attack vectors from it, and then check the code (and/or setup) for presence of suitable controls preventing them.
One of the most useful approaches is to validate and normalize all inputs.
I was reading the other day about the different responses to weird inputs that come up in JSON parsing, specifically of documents like this:
{ "test": 123, "test": 456 }
Apparently that's accepted… and different parsers have different ideas as to what the value associated with the "test" key is. This could be very bad if your order fulfilment and billing systems disagree on the quantity of items to be shipped. Normalization fixes this.
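The duplicate-key disagreement described in the post above, as an added example that is not part of the original thread: it uses Python's standard json module (which keeps the last occurrence by default) to model a first-wins and a last-wins consumer reading the same document, then shows normalization as strict validation followed by canonical re-serialization. The function names and the sample order payload are assumptions made for illustration.

```python
import json

# Constructed sample: the document quoted in the post.
DOC = '{ "test": 123, "test": 456 }'


class DuplicateKeyError(ValueError):
    """Raised when a JSON object repeats a member name."""


def first_wins(pairs):
    # Models a parser that keeps the first occurrence of a key.
    out = {}
    for key, value in pairs:
        out.setdefault(key, value)
    return out


def reject_duplicates(pairs):
    # Strict policy: a repeated key makes the whole document invalid.
    # json calls this hook for every object, nested ones included.
    out = {}
    for key, value in pairs:
        if key in out:
            raise DuplicateKeyError(f"duplicate key: {key!r}")
        out[key] = value
    return out


def parser_views(text):
    """Return what a last-wins and a first-wins consumer would each see."""
    last = json.loads(text)  # default behaviour: last occurrence wins
    first = json.loads(text, object_pairs_hook=first_wins)
    return last, first


def normalize(text):
    """Validate strictly, then re-serialize into one canonical form.

    Downstream systems are handed only this output, so they cannot
    disagree about which value a key carries.
    """
    obj = json.loads(text, object_pairs_hook=reject_duplicates)
    return json.dumps(obj, sort_keys=True, separators=(",", ":"))


if __name__ == "__main__":
    print(parser_views(DOC))
    try:
        normalize(DOC)
    except DuplicateKeyError as exc:
        print("rejected:", exc)
    print(normalize('{ "sku": "A-1", "qty": 2 }'))  # constructed order payload
```

Running the normalization once at the trust boundary and forwarding only its output means the fulfilment and billing sides never parse the ambiguous original.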
-
@da-Doctah said in In other news today...:
@Gąska There are tons of these misspelled signs painted on the road. The most often reported reads either SHCOOL XING or SCOHOL XING. (Y'see, the irony is that the messed-up word refers to education....)
The thing that drives me up the wall is when you have multiple words and the order is backwards. You see it all the time. For example, there's a stop ahead, so painted on the road you see:
AHEAD
STOP
Why?!? It's not like the two words are separated by enough distance that you can't clearly see and read both words at once. The English language is read from top to bottom. Both words are visible together. They form a coherent thought... except it's backwards.
-
@Mason_Wheeler Symbols are good: they can capture multi-word meanings easily, and are handled pretty easily in a driving context by human brains all over the world (except the USA).
-
@Mason_Wheeler said in In other news today...:
@JBert said in In other news today...:
Article text: red fox.
Picture: black fox.
It's the rare red-black fox.
She seems well balanced.
Jokes aside, this is mentioned in TFA:
The photos that Miles snapped show an animal that has mostly black fur, with white at the end of its tail and on its paws.
"So it is a misnomer, their name, the Sierra Nevada red fox," Bowles said. "We actually see a lot more of the darker-coated foxes here in Central Oregon, specifically in the higher elevations."
-
@TimeBandit said in In other news today...:
Gates only likes lock-in when it's locked into Microsoft. News at 11.
-
@dkf said in In other news today...:
handled pretty easily in a driving context by human brains all over the world
The "Driving Anti-patterns" thread and a multitude of YouTube videos disagree.
-
@HardwareGeek said in In other news today...:
@dkf said in In other news today...:
handled pretty easily in a driving context by human brains all over the world
The "Driving Anti-patterns" thread and a multitude of YouTube videos disagree.
Irrelevant, they’re still handled faster than having to read words.
-
@topspin said in In other news today...:
@HardwareGeek said in In other news today...:
@dkf said in In other news today...:
handled pretty easily in a driving context by human brains all over the world
The "Driving Anti-patterns" thread and a multitude of YouTube videos disagree.
Irrelevant, they’re still handled faster than having to read words.
IIF the symbol has been in wide circulation long enough that everyone knows the meaning at a glance.
Counter-example, the new radiation hazard cave-painting:
If I drove over that on the road, I'd go " was that?". On the other hand, a sign on the road would get immediate recognition. ...Not that I'd know what to do about it, unless it's near a nuclear facility or post-apocalyptic. But you get the point.
-
@acrow said in In other news today...:
If I drove over that on the road, I'd go " was that?".
"You may want to leave, because there's a ceiling fan blowing on human remains. It might smell"
-
@Zecc said in In other news today...:
@acrow said in In other news today...:
If I drove over that on the road, I'd go " was that?".
"You may want to leave, because there's a ceiling fan blowing on human remains. It might smell"
"The sun is trying to kill you. Take cover!" came to mind as well.
-
@acrow said in In other news today...:
IIF the symbol has been in wide circulation long enough that everyone knows the meaning at a glance.
Which is true of road signs—everybody is tested for recognizing them before they get a driving license. And any new ones are widely publicised.
@acrow said in In other news today...:
At the very least that sign has incorrect colors. Warning signs shall be triangular with red border and black symbols on white background.
-
@acrow said in In other news today...:
@Zecc said in In other news today...:
@acrow said in In other news today...:
If I drove over that on the road, I'd go " was that?".
"You may want to leave, because there's a ceiling fan blowing on human remains. It might smell"
"The sun is trying to kill you. Take cover!" came to mind as well.
Aliens are trying to beam you up - run!
-
@dcon "Real pirates run away from boats with propellors".
-
@acrow said in In other news today...:
If I drove over that on the road, I'd go " was that?". On the other hand, a sign on the road would get immediate recognition.
Agreed. I think it's too busy for its own good, it's almost like a small puzzle to be figured out. Other warning signs mostly stick to one easily recognizable symbol. Granted, in some cases, you have to know the meaning of said symbol to fully decipher the sign. But that's the case with this sign as well.
-
@cvi said in In other news today...:
@acrow said in In other news today...:
If I drove over that on the road, I'd go " was that?". On the other hand, a sign on the road would get immediate recognition.
Agreed. I think it's too busy for its own good, it's almost like a small puzzle to be figured out. Other warning signs mostly stick to one easily recognizable symbol. Granted, in some cases, you have to know the meaning of said symbol to fully decipher the sign. But that's the case with this sign as well.
You wouldn't drive over it or see it on a road sign: according to the article it's meant to be placed on the last shielding layer of radioactive sources after other layers have been removed. The idea is to make thieves turn back before they break down the shielding to get to what they think is valuable stuff. The regular sign is recognizable, but only if you know what it means, so this sign is hoped to give a better indication of the dangers inside.
-
@JBert Yes, I wasn't actually thinking it would be a road sign, and was mainly thinking of the warning signs that you see in labs and similar. I think the same still applies.
-
@cvi said in In other news today...:
thinking of the warning signs that you see in labs and similar.
Some of those are utterly indecipherable without a translation guide.
-
@HardwareGeek said in In other news today...:
@cvi said in In other news today...:
thinking of the warning signs that you see in labs and similar.
Some of those are utterly indecipherable without a translation guide.
Like the laundry symbols?
-
@dcon Oh, so that's what those are for.
I thought they just were disclaimers written in a forun language.
-
@dcon said in In other news today...:
@acrow said in In other news today...:
@Zecc said in In other news today...:
@acrow said in In other news today...:
If I drove over that on the road, I'd go " was that?".
"You may want to leave, because there's a ceiling fan blowing on human remains. It might smell"
"The sun is trying to kill you. Take cover!" came to mind as well.
Aliens are trying to beam you up - run!
The Terminators have risen and are sending down skulls! Hide away somewhere!
-
@JBert
That would be an operator's mistake, so buckle up and turn on that mental defogger. You may need to edit data in storage and learn all about washing, tumble drying on low, ironing, dry cleaning, and bleaching. There is no escape from these electronic instructions for use. Now, with all that in mind, come out of standby and begin. Oh, and caution, very bright light.
-
@TwelveBaud Try something that you're supposed to see and recognize when walking down the street. Like, say, the blind-person armband:
https://yoursightmatters.com/blindness-low-vision-double-u-s-2050/blind-person-wearing-armband/
-
@acrow Works great right up until you have two blind people walking down the same street. I wonder if they thought of that?
-
@Mason_Wheeler said in In other news today...:
@acrow Works great right up until you have two blind people walking down the same street. I wonder if they thought of that?
I think the black bumps are Braille.
-
@TwelveBaud said in In other news today...:
@JBert
That would be an operator's mistake, so buckle up and turn on that mental defogger. You may need to edit data in storage and learn all about washing, tumble drying on low, ironing, dry cleaning, and bleaching. There is no escape from these electronic instructions for use. Now, with all that in mind, come out of standby and begin. Oh, and caution, very bright light.
-
@PotatoEngineer It's been far too long since I read Schlock Mercenary.
-
@HardwareGeek Oh. Um... Hate to bring you bad news, but... You might want to sit down before reading this part:
The comic was finished last year. He ended the story. With a "THE END" and everything.