Re: [GTALUG] Securely wiping SSDs

2024-03-25 Thread David Thornton via talk
There might have been too much alcohol involved in the conversation to
consider it production ready



On Mon., Mar. 25, 2024, 09:47 D. Hugh Redelmeier via talk wrote:

> | From: David Thornton via talk 
>
> | I grilled my local hardware security friend who said you should never trust
> | the secure delete feature in ssd. In general it has been found insecure.
>
> It seems hard to accidentally screw up Secure Delete:
>
> - everything written to the flash layer is encoded
> - everything read from the flash layer is decoded
> - secure erase simply changes the key
>
> It is fairly easy to intentionally screw up Secure Delete.
> Trusting Secure Delete involves trusting the manufacturer:
> there is no sure way to test for this failing.
>
> Does your guy have examples or even indications of Secure Delete failing?
> In particular, what does "In general it has been found insecure." mean?
> What has been found?  How has it been found?
> ---
> Post to this mailing list talk@gtalug.org
> Unsubscribe from this mailing list
> https://gtalug.org/mailman/listinfo/talk
>


Re: [GTALUG] Securely wiping SSDs

2024-03-24 Thread David Thornton via talk
I grilled my local hardware security friend who said you should never trust
the secure delete feature in ssd. In general it has been found insecure.

As mentioned the "Large grinder" seems like the only way to be sure.

On Sat., Mar. 23, 2024, 10:50 Giles Orr via talk wrote:

> I have, for many years, used "Darik's Boot and Nuke" on a USB stick to
> securely wipe spinning hard disks.  It takes a long time, but I mostly
> understand and trust the process.
>
> I'm now at the point that I have to wipe and dispose of SSDs, and I'm
> feeling a bit shaky on the methodology.  Here's what I did:
>
> # hdparm -I /dev/sdX
>
> Looked for enabled/locked/frozen in the output ... I won't go into
> making sure those are toggled correctly, but that appears to be
> needed.  This also lists what appears to be info about doing a wipe on
> the drive:
>
> 6min for SECURITY ERASE UNIT, 60min for ENHANCED SECURITY ERASE UNIT
>
> Then, set a password (why? but seems to be needed):
>
> # hdparm --user-master u --security-set-pass foobar /dev/sdX
>
> Last, run the wipe:
>
> # hdparm --user-master u --security-erase-enhanced foobar /dev/sdX
>
> Doing something like `dd if=/dev/sdX bs=5M count=5 | strings` (or
> sending it to `less`) definitely shows that it's changed from
> something organized to something full of identical characters.  But
> I've never seen this wipe process take more than 60 seconds, which
> makes me wonder about the `hdparm` declaration about the time required
> for a secure wipe.
>
> So I guess the big question is: should I trust this process?  Do we
> really think it's securely wiped?  Or should I be taking a hammer to
> the chips on the SSD because that's the only way to ensure it's fully
> wiped?
>
> --
> Giles
> https://www.gilesorr.com/
> giles...@gmail.com
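
The pre-flight and read-back checks around the `hdparm` procedure quoted above, as an added example that is not part of the thread. It parses the Security section of `hdparm -I` and samples blocks across the whole device instead of only its start; the `hdparm -I` text is a constructed sample, and the function names and the 4 KiB block size are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread: read-only checks around the hdparm
# ATA Security Erase procedure. Nothing here writes to a disk.

# Constructed sample of `hdparm -I` output (not captured from a real drive).
sample_hdparm_output() {
cat <<'EOF'
ATA device, with non-removable media
Security:
	Master password revision code = 65534
		supported
	not	enabled
	not	locked
		frozen
	not	expired: security count
		supported: enhanced erase
	6min for SECURITY ERASE UNIT. 60min for ENHANCED SECURITY ERASE UNIT.
Checksum: correct
EOF
}

# sec_flag NAME: read `hdparm -I` text on stdin and print yes, no or unknown
# for one single-word flag of the Security section: supported, enabled,
# locked or frozen. hdparm prefixes a cleared flag with "not".
sec_flag() {
    awk -v flag="$1" '
        /^Security:/ { insec = 1; next }
        # An unindented, non-empty line starts the next section.
        insec && NF && index(" \t", substr($0, 1, 1)) == 0 { insec = 0 }
        insec && NF <= 2 && $NF == flag {
            print (($1 == "not") ? "no" : "yes"); found = 1; exit
        }
        END { if (!found) print "unknown" }
    '
}

# erase_minutes KIND: print the advertised duration in minutes for
# KIND = normal | enhanced (empty if the drive does not list it).
erase_minutes() {
    awk -v kind="$1" '
        /min for .*ERASE UNIT/ {
            for (i = 1; i <= NF; i++) if ($i ~ /^[0-9]+min$/) {
                n = $i; sub(/min$/, "", n)
                if ($(i + 2) == "ENHANCED") enh = n; else norm = n
            }
        }
        END { print ((kind == "enhanced") ? enh : norm) }
    '
}

# erase_preflight: read `hdparm -I` text on stdin, print a verdict and return
# 0 only if the set-password-then-erase sequence from the thread can start.
erase_preflight() {
    info=$(cat)
    if [ "$(printf '%s\n' "$info" | sec_flag supported)" != yes ]; then
        echo "no ATA security feature set reported"; return 1
    fi
    if [ "$(printf '%s\n' "$info" | sec_flag frozen)" != no ]; then
        echo "frozen: security commands are rejected until a power cycle"; return 2
    fi
    if [ "$(printf '%s\n' "$info" | sec_flag locked)" != no ]; then
        echo "locked: a password is already set, --security-set-pass will fail"; return 3
    fi
    echo "ready"
}

# nonuniform_blocks FILE TOTAL_BLOCKS SAMPLES: read SAMPLES evenly spaced
# 4 KiB blocks from FILE (device node or image) and print how many of them
# contain more than one distinct byte value. 0 means every sampled block
# reads back as a single repeated byte.
nonuniform_blocks() {
    file=$1 total=$2 samples=$3 bad=0 i=0
    while [ "$i" -lt "$samples" ]; do
        blk=$(( i * total / samples ))
        n=$(dd if="$file" bs=4096 skip="$blk" count=1 2>/dev/null |
            od -An -v -tx1 | tr -s ' ' '\n' | sed '/^$/d' | sort -u |
            wc -l | tr -d ' ')
        [ "$n" -le 1 ] || bad=$((bad + 1))
        i=$((i + 1))
    done
    echo "$bad"
}

# Demo on the constructed sample: the drive reports "frozen", so stop here.
sample_hdparm_output | erase_preflight || true
echo "advertised: $(sample_hdparm_output | erase_minutes normal) min normal," \
     "$(sample_hdparm_output | erase_minutes enhanced) min enhanced"
```

Run against a real drive with `hdparm -I /dev/sdX | erase_preflight`. A uniform read-back shows only what the controller returns for those blocks; as said elsewhere in the thread, there is no sure way to test what remains in the flash.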


Re: [GTALUG] Odd Ethernet Behaviour

2024-02-06 Thread David Thornton via talk
I love problems like this. Puzzles.

1. You might try turning off auto negotiation and "forcing" the link to
various speeds and see how it responds, and not just the fastest speed.
( https://phoenixnap.com/kb/ethtool-command-change-speed-duplex-ethernet-card-linux )

2. Try a different switch port.

3. Check the switch's tx/rx error rates & retransmissions.

4. Check the NIC's tx/rx error rates & retransmissions.

5. Compare speed with something "link local", like _on the same ethernet
segment_, versus something past the gateway.

6. Compare trace routes into the device from various places, to trace route
from the device _to_ those various places. There may be some
asymmetry going on.

David

P.S. For seeing network stuff I like iptraf, and iptraf-ng


On Tue, Feb 6, 2024 at 8:08 PM Peter King via talk wrote:

> Hello all,
>
> I have a computer located in the University of Toronto network which shows
> some odd network behaviour.  For one, I have run speedtest-cli on it
> numerous times at various times of the day, and it consistently returns
> around 93Mbit upload/download.  For comparison, a laptop in the same LAN
> seems to get 700Mbit, while a computer in a different part of the UofT
> network gets 900Mb/570Mb.
>
> The NIC has a RealTek chip and uses the r8169 kernel module.  Ethtool,
> which gives a live report, does list the card as running at 1Gb/s.  But
> that sure isn't the speed I am getting.
>
> This same slow computer also has problems if I reboot it remotely: most of
> the time it doesn't come up, though dmesg has the card detected.  If I
> start from a cold boot rather than restart, it comes up correctly most of
> the time.  In either case just typing in #netctl start  starts it
> up just fine.  I was trying to solve this problem and saw that there are
> several complaints along just these lines having to do with the r8169
> module.  Some people suggested downgrading to r8101 but that module is even
> older.
>
> If the module isn't working well, that might account for the slower speeds.
>
> Is there any way to tell?  Obviously I can buy another NIC with a
> different chipset but don't really want to go to the trouble if there is an
> easier way to diagnose the difficulties.
>
> All advice appreciated!  Thanks.
>
> --
> Peter King  peter.k...@utoronto.ca
> Department of Philosophy
> 170 St. George Street #521
> The University of Toronto  (416)-946-3170 ofc
> Toronto, ON  M5R 2M8
> CANADA
> http://individual.utoronto.ca/pking/
>
> =
> GPG keyID 0x7587EC42 (2B14 A355 46BC 2A16 D0BC  36F5 1FE6 D32A 7587 EC42)
> gpg --keyserver pgp.mit.edu --recv-keys 7587EC42
>


-- 
David Thornton
https://wiki.quadratic.net
https://github.com/drthornt/
https://twitter.com/northdot9/


Re: [GTALUG] (very off topic) where to buy old AM/FM receiver?

2023-10-30 Thread David Thornton via talk
facebook marketplace.
So much weirdo stuff in there.

On Sun, Oct 29, 2023 at 10:16 PM William Park via talk wrote:

> Hi, a very off topic...
>
> While cleaning my house, I found box speakers and LP record player.
> Brand name "Sanyo".  What's missing is AM/FM receiver that came as a
> set.  Do you know where I can buy an old stereo AM/FM receiver?
> --


-- 
David Thornton
https://wiki.quadratic.net
https://github.com/drthornt/
https://twitter.com/northdot9/


Re: [GTALUG] Sane Email System?

2022-03-06 Thread David Thornton via talk
Google tells me that getmail and mutt can talk oauth2.

Have you tried that?

Looks a bit clunky.

David

On Thu., Mar. 3, 2022, 20:18 Peter King via talk wrote:

> Hello!
>
> I've just been informed that "legacy authentication" is going to be
> disabled at the University of Toronto for my email account.  Well, I
> suspected something like this was in the works when they adopted MS Outlook
> 365+ as the mail server, but it still isn't welcome.
>
> Up to now, I've been able to use mutt and getmail for all my needs; I run a
> daemon that picks up (and then deletes) email from a variety of servers
> (University of Toronto, GMail, and so on) onto a single computer.  There
> I apply all the filters, spam protection, sorting into various inboxes,
> and so on.  To read email I just ssh in from any computer anywhere and run
> mutt.  All configurable with nice text-based scripts.  The email files are
> automatically backed up and synchronized to other computers, too.  When I'm
> out of town I have the mail be downloaded/deleted manually, and I have
> full failover capability, so if one machine is offline I can switch to
> another without any hiccups.
>
> But it looks like that is all going away, since Microsoft only supports
> what they call "modern" email clients, and on Linux only Thunderbird.
>
> I could switch.  But then rather than the fetch-and-store model, which has
> worked fine over the years, I would either have to change to a
> view-in-a-browser model (and so have to be running a GUI locally and store all my
> email somewhere else out of my control), or chuck my university email
> account and set up something else.
>
> At the moment I'm really inclined to do the latter.  I'll just set up some
> way of forwarding all my email to some text-based *NIX server somewhere
> that is happy to let me run scripts to deal with email.  But maybe I'm not
> being fair to the former alternative.  I have *no* experience with any of
> the "modern" email clients, and have been stubbornly clinging to the plain
> ASCII text as how email should work.  Maybe there are perfectly reasonable
> email clients these days with powers I know nothing of.
>
> (I am currently teaching a few courses at UCLA and was forced to use their
> webmail system, run by Google, and I have to say I despise it: graphical
> for no good reason, with limited search/sort capabilities, threading of old
> messages not clearly visible, and so on.)
>
> Any advice, suggestions, hints?  War stories?  Ways to thwart the powers
> that be?  Thanks in advance.
>
> --
> Peter King  peter.k...@utoronto.ca
> Department of Philosophy
> 170 St. George Street #521
> The University of Toronto  (416)-946-3170 ofc
> Toronto, ON  M5R 2M8
> CANADA
>
> http://individual.utoronto.ca/pking/
>
> =
> GPG keyID 0x7587EC42 (2B14 A355 46BC 2A16 D0BC  36F5 1FE6 D32A 7587 EC42)
> gpg --keyserver pgp.mit.edu --recv-keys 7587EC42


Re: [GTALUG] Man and Info Pages

2022-01-06 Thread David Thornton via talk
"It's complicated"

1. For linux, I'd refer to LPI wording about this.
2. for other l*Nixes, I'd consult their docs on their docs ( said in
"Austin Powers introducing Austin Powers" voice )

I do like info, but my muscle memory makes me man all the time.


Re: [GTALUG] security threats of Open Source

2020-11-25 Thread David Thornton via talk
Fair points,

All of the service contracts I've worked behind say effectively: If we
can't keep it from happening, then we can't be held responsible for it
happening.

You paid for a managed linux server, linux has a bug and you crash, we are
not responsible. We'll patch when it comes out, we'll add a firewall rule
to mitigate. But we could not have kept it from happening.

It's pretty weak I know, but one thing I have learned is that there is a
lot of conscious and unconscious, communicated and uncommunicated
acceptance of risk in many industries.

I advocate for professional, responsible, management and communication of
risk in my day to day activities.

I feel like I've done my best work when I can talk to clients directly and
honestly about risk, and how we can manage it.

I can do what I can, but I can't worry about or fret about stuff I can't
do anything about.

(Which is, I think, basically what you are saying above)

I can do a lot of reasonable things to protect against uncontrolled aspects
of operation.

We had only one hard drive and it failed, so we went to a pair of mirrored
disks.

We had only one web server and it failed so we went to a cluster of 2 to a
bajillion web servers.

We used open source software and it was a hot mess so we .um hullo?
anyone else?

Canonical, Microsoft, Redhat, Oracle, Amazon, Google, what have you..

They can do mitigation and management in ways I can't.

I lived and breathed Redhat for a long time, and we sold linux under "Redhat
is good, redhat can make it go"

They added safety and consistency. I mean it wasn't / isn't perfect, but it
worked. It got a lot of stuff done in a short amount of time for us.

Risk management never gets old, it is as old as the first profession (
Prostitution: "Will my primary mate catch me." ) ( Which of course led to
the second oldest professions: Lawyers )

P.S. I decided to give email another go, for old-time sake, that's why I
revived the thread I guess: I read my mail :)

David

On Sat, Nov 21, 2020 at 12:06 PM D. Hugh Redelmeier wrote:

> | From: David Thornton via talk 
> | Date: Fri, 20 Nov 2020 15:25:42 -0500
>
> Thanks for reviving this thread 10 months later.  What prompted you to do
> that?  Note: this is not a complaint.  I continue to think that this is an
> important and unresolved topic.
>
> | As administrators we have a responsibility to vet. Even if it's to
> | "delegate" the vetting, we have to vet the delegate.
>
> "have to" means "responsibility to".  Unfortunately, responsibility without
> capability is a recipe for disaster.
>
> Clearly you've thought about this in a setting with customers.  How do you
> discharge this responsibility?
>
> The GPL says: you get what we offer but we accept no responsibility.
>
> Many commercial software contracts and EULAs disclaim responsibility
> and forbid using the software in safety-critical settings.  They then
> often fall back on saying at most you can get back the purchase cost.
>
> So a responsible decision-maker cannot delegate the responsibility yet has
> no practical or even theoretical tools to discharge the
> responsibility.  Except bankruptcy law.
>
> - you can ask your customer / client / employer that "here are the risks
>   that I can imagine, are you willing to accept them?"
>
> - you can make sure that there are no assets available that can be lost
>   when and if problems arise
>
> - you can work to reduce risks.  This quickly hits the law of diminishing
>   returns, long before the risks are eliminated.  But I'm sure we can
>   do better than the industry norms, as long as customers
>   understand that they must and should pay for the up-front cost.
>
> Customers / clients often think that they are safer with large
> corporations.  In that role, I've found the help from large companies (eg.
> Microsoft, Sun Microsystems (back in the day), ...) to be inferior
> to help from small companies.  Both are eclipsed by support from FLOSS
> communities.  But support only deals with problems in the future, not
> damage that has happened.
>
> In the area of security, the worst breaches are the ones you never learn
> about.
>
> | Npm is a hot mess, and most people get that now.
> |
> | Galaxy / puppetforge / helm stuff? Take a number.
> |
> | It sprouts faster than you can get on it sometimes.
> |
> | Pays the mortgage :)
>
> You can't live with them and you can't live without them?
>


-- 
David Thornton
https://wiki.quadratic.net
https://github.com/drthornt/
https://twitter.com/northdot9/


Re: [GTALUG] Fedora 33 uses RAM for swap?

2020-11-25 Thread David Thornton via talk
TIL: https://fedoraproject.org/wiki/Changes/SwapOnZRAM ( last edit oct 2020 )

When I first read this I thought: if you are swapping it's _because_ you
ran out of ram, so why "swap" to ram?

TL;DR: it compresses the data.

also: NOT preallocated.

David



On Wed, Nov 25, 2020 at 8:18 AM Giles Orr via talk wrote:

> A few days after upgrading the last of my machines from Fedora 32 to
> 33, I noticed my main machine has acquired a new disk:
>
> NAME   SIZE FSTYPE  LABEL MOUNTPOINT
> zram0    4G               [SWAP]
>
> I didn't set that up, and I don't think it was there on F32.  So the
> OS has, without asking, co-opted 1/4 of my 16G of RAM to use as swap
> space.  This system has an SSD, so when I initially set it up (Fedora
> 27), I made a conscious decision to go without swap space.  I rarely
> push the limits of 16G.
>
> But now I'm in the situation that I have only 12G of RAM, so the
> system will become memory-starved earlier ... and what will it do?  It
> will go to swap.  Which is RAM anyway.  How does this help?  To me
> this seems like adding complexity without adding utility.
>
> Can someone please explain A) if I'm correct about this behaviour in
> the first place, and B) why it's useful?  Thanks.
>
> --
> Giles
> https://www.gilesorr.com/
> giles...@gmail.com


-- 
David Thornton
https://wiki.quadratic.net
https://github.com/drthornt/
https://twitter.com/northdot9/


Re: [GTALUG] security threats of Open Source

2020-11-20 Thread David Thornton via talk
As administrators we have a responsibility to vet. Even if it's to
"delegate" the vetting, we have to vet the delegate.

Npm is a hot mess, and most people get that now.

Galaxy / puppetforge / helm stuff? Take a number.

It sprouts faster than you can get on it sometimes.

Pays the mortgage :)

David

On Sat, Jan 25, 2020 at 4:05 PM D. Hugh Redelmeier via talk wrote:

> | From: Dhaval Giani via talk 
>
> | On Thu, Jan 23, 2020 at 11:08 AM D. Hugh Redelmeier via talk <
> | talk@gtalug.org> wrote:
> |
> | > <https://www.zdnet.com/article/microsoft-spots-malicious-npm-package-stealing-data-from-unix-systems/>
> | >
> | > This article lists six cases of malware contributed to npm (the repo for
> | > sharing node.js and JavaScript source).
> | >
> | > How many undetected cases exist?
> | >
> | > I've always pretended that Linux distros vet their code.
> |
> |
> | They do, but npm is different. npm is independent of the distro itself. And
> | people want to use npm because it gives them the latest and the greatest.
>
> I'm sorry that I wasn't clearer.
>
> I was changing the subject a bit.  Just like npm has problems because
> vetting contributions is a hard problem, so too Linux distros have
> problems because vetting contributions is a hard problem.
>
> I know npm (JavaScript), CPAN (perl), CTAN (TeX), CPAN (Python),
> github, probably crates.io (Rust), etc. each bypass the distro.
>
> Any security flaws identified by a distro get fixed by updates but
> anything users sourced from these other repos will not be fixed by
> distro updates.  A serious logistic problem for users, even if they
> are unaware of it.
>
> I try to avoid these repos for just that reason but it is kind of
> hard.
>
> | >   I'm not sure how
> | > true that is.  Probably the greatest protection is the time delay between
> | > contribution and distribution.
> | >
> | >
> | I would be wary of this approach. There are a bunch of security fixes,
> | where you probably don't want too long a delay. Part of responsibility also
> | lies on the user to validate the update. With it being open source, and a
> | "volunteer" model, some of that has to be accepted by the user.
>
> Sorry, I meant: the time delay between creating a piece of software
> and it being adopted by Linux distros.  Not a delay because the user
> avoids distro updates.
>
> I imagine the barrier to contributing to npm is zero.  But I don't
> actually know.  See below.
>
> The barrier to contribution to any distro I know of is a bit higher.
> That involves time, effort, and creativity.  But not enough to prevent
> a determined and skilled contributor of malware.  The easiest way is
> probably to infiltrate a group that produces a piece of software
> already accepted by many distros.  Then it depends on the vetting by
> that project.
>
> More on npm:
>
> 
>
> npm is the "Node Package Manager".  It accompanies node.js.  It hooks
> up to a "registry", by default nodejs.com (a commercial entity).
> Here's a bit from Wikipedia (all caps added by me):
>
> Over 477,000 packages are available on the main npm
> registry.[16] The registry has NO VETTING process for
> submission, which means that packages found there can be low
> quality, insecure, or malicious.[15] Instead, npm relies on
> user reports to take down packages if they violate policies by
> being low quality, insecure or malicious.[17] npm exposes
> statistics including number of downloads and number of
> depending packages to assist developers in judging the quality
> of packages.[18]


-- 
David Thornton
https://wiki.quadratic.net
https://github.com/drthornt/
https://twitter.com/northdot9/


Re: [GTALUG] security threats of Open Source

2020-11-20 Thread David Thornton via talk
I can second the "noscript" thing. "Default deny" is good practice. No one
has to explain it for firewalls (any more I hope), so why do we have to
explain it in other places?


On Thu, Jan 23, 2020 at 7:00 PM Don Tai via talk wrote:

> I regularly browse with javascript turned off. I use NoScript. While it is
> a hassle, I whitelist trusted sites, but refuse script from 3rd party sites.
> There is a bit of setup to do to whitelist sites. Scripts have long been
> abused. Browsing without js restores a bit of honesty in web pages, as a
> lot of the razzle dazzle crap code is not executed. I seek information more
> than eye candy. Cross-site scripting risk is near eliminated, making web
> browsing safer. You can also see which sites have added a whole lot of crap
> onto their script code and which 3rd party sites they employ. This will
> colour your selection of credible web sites.
>
> As well I intermix browsers as well as use Tor.
>
> I encourage you to try it. Tilt the advantage to the user with the
> NoScript plugin.
>
> On Thu, 23 Jan 2020 at 18:30, o1bigtenor via talk wrote:
>
>> On Thu, Jan 23, 2020 at 3:37 PM D. Hugh Redelmeier via talk wrote:
>> >
>> > | From: o1bigtenor via talk 
>> >
>> > | In this vein - - - - a contact who in computer terms calls himself a dinosaur
>> > | refuses to allow javascript on his computers doing all his browsing on text
>> > | based browsers. In his opinion javascript is a serious accident already in free
>> > | fall. What you're sharing only emphasizes that. Maybe it's time to join his
>> > | anti Javascript position?
>> >
>>
>> Thank you for your response!!
>>
>> > The issues are a little more intricate.
>>
>> They usually are - - - grin.
>> >
>> > Note npm is a repo (mostly?) for JavaScript to run under node.js.
>> > node.js is a server-side thing.  It runs JavaScript on the server.  Not in
>> > the client (browser).
>> >
>> > JavaScript itself isn't terrible.
>> >
>> > What is unfortunate, I think, is the unfettered creativity JavaScript
>> > in the browser allows web designers.  They misuse it, just like they
>> > did Adobe Flash previously.  To some extent this is caused by the good
>> > sides of JavaScript: how easy it is to learn, how easy it is to whip up
>> > complexity, how easy it is for the page creator to take control of the
>> > browser experience.
>>
>> From what little I know what I'm thinking is that the browser user needs
>> to have some tools to control what the browser does - - - - that seems
>> to be unobtanium at this point.
>> >
>> > What I was talking about was how easy it is to inject malicious code into
>> > the ecosystem.  That isn't actually the fault of the language.  (It is
>> > imaginable that one could design a language that prevented some abuse.)
>> >
>> > In fact, the language+browser have been designed to limit the damage
>> > that could be inflicted on the client side.  The npm problem is mostly
>> > server-side, I think (I'm not sure).
>> >
>> > Making something easier (cheaper, faster, more understandable, ...)
>> > allows it to be used more, often to excess.  Unexpected side effects
>> > can ensue.
>> >
>> > - increasing efficiency of cars makes driving cheaper so people
>> >   drive more and end up using more total energy (gasoline).
>>
>> Our obsession with individual transportation has become a major cost
>> factor in one's personal economy.
>> >
>> > - computers became a lot cheaper.  So a lot more money is spent on
>> >   computers.
>> >
>> > - programming has become easier.  So a lot more pointless programs have
>> >   been created.
>> >
>> > - when I worked on optimizing compilers, I thought that I was trying
>> >   to make existing programs run faster.  Then it struck me that it
>> >   allowed programmers to write programs in a simpler and clearer way
>> >   and have the compiler eliminate the performance cost.
>>
>> Interesting.
>> >
>> > Here's a random example of npm use:
>> >
>> > 
>> > ---
>> Thanks for the sharing!
>>
>> I'm wondering if there even is a way of reining in the wild possibilities in
>> javascript in a browser. If there is it would be quite nice if this would happen
>> quite soon. I'm finding that the web has become quite a frustrating and a very
>> very far from useful place to look for things.
>>
>> Regards


-- 
David Thornton
https://wiki.quadratic.net
https://github.com/drthornt/
https://twitter.com/northdot9/


Re: [GTALUG] Group knowledge base

2020-10-31 Thread David Thornton via talk
I would also add that I've "lived with" Mediawiki for a while, through
various upgrades and server moves. It was simple and straightforward.

In a world of increasingly complex systems, a simple system is a joy.

David

On Fri, Oct 30, 2020 at 4:02 PM Mike via talk wrote:

> On 2020-10-30 3:34 p.m., David Thornton via talk wrote:
> > 3. Mediawiki - my personal fav only because 1. OSS 2. pluggable such
> > that I can get neat semantic stuff to work. I use categories a lot, I
> > use REDIRECT a lot. I'm a firm believer in loose pluralism to start and
> > rigorous lexicography as time passed. I love that I can do a stand
> > alone server deploy of it, a two tier version, a containerized
> > version, a cloud version, or a massive scaled out version. I love
> > being able to do fancy semantic work in mediawiki. ( see
> > https://en.wikipedia.org/wiki/Semantic_wiki )
> >
> I second the semantic mediawiki plug.  My group still uses mediawiki
> pretty extensively despite having been told that we don't...
>
> We originally built a lightweight project management environment in it.
> We don't make much use of all that semantic power anymore, but even
> though our official documentation is elsewhere, the wiki is still our
> standard repository of shared (especially miscellaneous) knowledge.  I
> guess I would say that even though mediawiki is larger than many wiki
> implementations, it's nevertheless easy to deploy, and can grow
> enormously in complexity if you have the need.
>
> Mike
>


-- 
David Thornton
https://wiki.quadratic.net
https://github.com/drthornt/
https://twitter.com/northdot9/


Re: [GTALUG] Group knowledge base

2020-10-30 Thread David Thornton via talk
Hi,

I feel old because I can say that I have worked with most of the systems
mentioned so far: I have a personal professional policy of spending the
energy to get good at a given tool before I critique it. If I have not
"gone deep" with tool X I'll say so.

1. Confluence - I agree that the search is horrid. It's got a couple of
annoyances. For example I can't seem to make page anchors. If I make
something a heading it gets an anchor but I want to make anchors in other
places. The docs say you can but I haven't been able to get that to work.
Also I've not done much semantic work in confluence.

2. Lotus Notes; that was a long time ago, I liked it, I don't recall there
being any big issue that kept me from getting the job done.

3. Mediawiki - my personal fav only because 1. OSS 2. pluggable such that I
can get neat semantic stuff to work. I use categories a lot, I use REDIRECT
a lot. I'm a firm believer in loose pluralism to start and rigorous
lexicography as time passed. I love that I can do a stand alone server
deploy of it, a two tier version, a containerized version, a cloud version,
or a massive scaled out version. I love being able to do fancy
semantic work in mediawiki. ( see
https://en.wikipedia.org/wiki/Semantic_wiki )

4. Post Lotus Notes and Pre-mediawiki, I lived in Word docs. It was
technically less sexy, and required what now seems to be clunky process, but
it was functional: track changes, versioned files etc. I even wrote
macros that would maintain change logs and version numbers for documents.
There are obvious cross platform issues. But maybe a gsuite docs version
might work?

5. I was able to operate with Sharepoint, but only barely. I asked very
little of it, and it delivered. :P It seems like it encouraged complexity
for no good reason.

6. I've also used Tettra, a commercial provider. It's very simplistic. If
your needs are simple it might be for you. I managed my expectations and it
hampered me still.

Another approach I have been toying with is the "Documentation goes with code"
approach. That is markdown files in code repos. Think README.md. I like
this. Markdown is lightweight and easy to get. There can be duplication
depending on application. Documentation about the software _where-ever_ you
deploy it goes with the code. Documentation about how you
have _specifically_ deployed it goes in the wiki. Operational lessons go
in the wiki.

I'm notorious for putting a hockey stick in the "number of pages" graphs
for a given company's knowledge base. Which is to say I make the count go
up quickly. IMHO documentation is an operational responsibility, like
keeping the server up. It's also the responsibility of the architect.

I'm also a strong proponent of organic growth but also "good curation". It
should be easy for individuals to document as they desire. But the
resulting "mess" should be curated, such that the plethora of view-points
over time become a coherent, if dynamic, story.

The system should not be so complicated as to be a "barrier to entry".  It
should be easy to add new documents, and correct mistakes. It should be
auditable. Depending on how serious you are about documentation it should
also have good analytics.  It should support multi-media reasonably. You
should be able to search it well. It should support some type of "synonym"
system. In mediawiki I use #REDIRECT a lot. If you are using a slang term
for something, Imma catch that and send you to the canonical name.

I've not used Dokuwiki.

David


On Thu, Oct 29, 2020 at 10:17 PM William Park via talk wrote:

> How do you or your company maintain group "knowledge base"?  I guess,
> wiki for internal stuffs.
>
> I'm using Words/Excel files.  A chapter (Word) or worksheet (Excel) for
> different subject or project.  You can insert screenshots, tables, etc.
> Screenshot of installation or picture of DIP switches is way simpler
> than trying to explaining it in words.  You can cut/paste from original
> documentation.
>
> But, I'm curious what others are using.
> --
> William Park 


-- 
David Thornton
https://wiki.quadratic.net
https://github.com/drthornt/
https://twitter.com/northdot9/


Re: [GTALUG] Remote Desktop [ RDP files and Remmina ]

2020-08-24 Thread David Thornton via talk
I have some experience with remmina, in as much as I help my wife with it,
when it breaks.

She's ubuntu at home, and uses the snap package. The apt one doesn't work.

She has auto update on, so when it breaks it is most frequently a breaking
update.

As far as I'm aware the folk at her workplaces haven't done anything
special for her, she looks like a windows client.

I snap revert from time to time, and it works... then a new update comes
and it updates, and it works.

In a word (term) : "under development"

David


On Sat, Aug 22, 2020 at 10:57 AM Aruna Hewapathirane via talk <
talk@gtalug.org> wrote:

> Hello everyone,
>
> I have to login remotely from home to work and this involves booting up a
> Windows system
> then logging in. Which works fine.
>
> I wanted to see if I can login remotely using Remmina and the RDP protocol
> using Linux. So
> far zilch and tried most things I know ( which is very little ). So I was
> wondering if anyone has
> any experience logging into a Windows System remotely using Linux and
> Remmina ?
>
> When I try to activate the tool for work under Linux it just lets me save
> the RDP file. I have tried to
> import the file into Remmina but does not connect.
>
> What should I do to trouble-shoot and resolve ? Any suggestions?
>
> And Evan I received your email to the Raspberry Pi thread I was busy-busy
> sorry
> for not acknowledging sooner :-)
>
> So once again to break it down:
>
> 1 - Office System is in London, Ontario and runs Windows.
> 2 - I have a dual boot running Windows and Debian
>
> How do I log-in to the office server using my linux system ?
>
> Thanks - Aruna
>


-- 
David Thornton
https://wiki.quadratic.net
https://github.com/drthornt/
https://twitter.com/northdot9/


Re: [GTALUG] I believe Amazon is leaking delivery information.

2020-01-16 Thread David Thornton via talk
Is it possible that an advertisement can "know" the page it was deployed in?

Or even just some properties of the page it was displayed in?

Via this means an advertiser could know you had just, or were about to buy
X.

From there, the world is your oyster.

David

On Wed, Jan 15, 2020 at 3:50 PM Alvin Starr via talk 
wrote:

> On 1/15/20 3:46 PM, Peter King via talk wrote:
> > On Wed, Jan 15, 2020 at 03:00:36PM -0500, Alvin Starr via talk wrote:
> >
> >> When I order something from Amazon  not long after I get emails from
> various
> >> phisherpeople claiming to be UPS or some other delivery company.
> >> The messages are coming through an old email address that is badly spam
> >> filtered.
> > I had that very thing happen to me on an order from Amazon about ten days
> > ago.  The phishing was via a note from UPS that they couldn't deliver a
> > package, but to get it I had to give them my credit card number ... at
> the
> > time I was surprised, since it followed close on the heels of one
> delivery
> > and right while I was waiting for another.  So, almost plausible.  But as
> > usual, the phishing email was so clumsily written and executed that there
> > was no question but that it was a fake.
> >
> >
> Yep that's it.
> Here is what I got.
> >
> > Dear Customer,
> >
> > We attempted to deliver your item at 1:30pm on 14th January, 2020.
> > (Read enclosed file details)
> > The delivery attempt failed because nobody was present at the shipping
> > address, so this notification has been automatically sent.
> >
> >
> > If the parcel is not scheduled for re-delivery or picked up within 72
> > hours, it will be returned to the sender.
> >
> > Label Number: (Read enclosed file details)
> > Class: Package Services
> > Service(s): (Read enclosed file details)
> > Status: e-Notification sent
> >
> > Read the enclosed file for details.
> >
> > UPS Customer Service.
> >
>
>
> --
> Alvin Starr   ||   land:  (647)478-6285
> Netvel Inc.   ||   Cell:  (416)806-0133
> al...@netvel.net  ||
>


-- 
David Thornton
https://wiki.quadratic.net
https://github.com/drthornt/
https://twitter.com/northdot9/


Re: [GTALUG] TekSavvy or Rogers blocking apt user agent

2019-11-05 Thread David Thornton via talk
I've seen this before on a FortiGate firewall.

The FW will detect "apt" as app:XMLRPC rather than app:HTTP for the
purposes of "Application Detection" and if the "allow port 80 rule" is
in fact an "Allow only app:HTTP on port 80" rule, then XMLRPC over port 80
is disallowed.

David

On Mon, Nov 4, 2019 at 4:13 PM Jamon Camisso via talk 
wrote:

> Well this is a new low:
>
>
> https://askubuntu.com/questions/1185612/apt-get-stuck-on-waiting-for-headers/1185713
>
> Mind-boggling that it is/was even an issue at an ISP & HTTP level.
>
> Either they have a giant whitelist of browser agents to maintain, or a
> blacklist to update and added apt to it.
>
> In either case, they're looking at HTTP traffic and acting on it directly.
>
> Still an issue for anyone?
>
> Jamon


-- 
David Thornton
https://wiki.quadratic.net
https://github.com/drthornt/
https://twitter.com/northdot9/


Re: [GTALUG] video: Benno Rice on "The Tragedy of systed"

2019-02-08 Thread David Thornton via talk
That is sooper odd. That link didn't work for me on my phone, but now on my
lappy, it does.

The message I got on my phone was "You can't see that video because that
user was removed."

And I saw a black cat go by twice just now as well. :)

David

On Fri, Feb 8, 2019 at 10:14 AM James Knott via talk 
wrote:

> On 02/08/2019 08:21 AM, David Thornton via talk wrote:
> > That link did not work.
>
>
> It did for me.
>


-- 
David Thornton
https://wiki.quadratic.net
https://github.com/drthornt/
https://twitter.com/northdot9/


Re: [GTALUG] video: Benno Rice on "The Tragedy of systed"

2019-02-08 Thread David Thornton via talk
That link did not work.

A quick google resulted in

https://youtu.be/6AeWu1fZ7bY

Is it the same talk?

David Thornton @northdot9 https://wiki.quadratic.net

On Thu, Feb 7, 2019, 6:12 PM D. Hugh Redelmeier via talk, 
wrote:

> I think that this is pretty interesting:
>
> 


Re: [GTALUG] programming system questions

2018-10-11 Thread David Thornton via talk
This is a chance for me to test my understanding by trying to explain it
myself.

Monte Carlo is where you randomly choose solutions from a solution space
and then try to make the results better for each choice.

Imagine you are trying to find the highest point on earth. Rather than scan
the entire earth to find the highest point, you choose a sample of points
and then see if there is something higher near-by.

This is _in general_ more efficient than scanning the whole earth, but of
course there is a chance that you miss Everest.

Consider the alternative approach of choosing a point and then looking for
higher points nearby (aka Gradient Descent). Suppose you started somewhere
in Britain... you might scan the local area and come to the conclusion that
Snowdon is the highest place in the world.

Now imagine that you do this 100 times, and then compare the local bests of
those 100 attempts. You are more likely to find the highest point. That's
Monte Carlo I think.

Anyway, I'm not sure this has anything to do with what the OP is talking
about.

If I understand he/she wants to recreate an app.  Does that mean reverse
engineer? Are you trying to recreate someone else's app without direct
access to that app?

Are you trying to examine interactions with the app and predict what the
app will do, and hence "simulate" the app?

You might also consider creating a _smart_ proxy, that lets you cache
results locally such that if you ask for the same thing a second time it
comes back faster.

Additionally by implementing a proxy, you can populate your own copy of
whatever data the original service is providing and study that for the
purposes of reverse engineering.

This sounds like a great conversation to have over a $drink, and/or in
front of a white board.

David



On Thu, Oct 11, 2018 at 9:19 AM ac via talk  wrote:

> On Thu, 11 Oct 2018 07:53:18 -0500
> o1bigtenor via talk  wrote:
> > Greetings
> >
> Hello :)
>
> > I have been using a web application for one of my business functions.
> > Besides the limitation of it being a web application (the web is NOT
> > as consistent nor as quick as is considered 'normal' for those that
> > live in rural areas) there are too many areas where I need to tweak the
> > results. Therefore I would like to re-create this application.
> >
> on the web?
>
> > At its base its somewhat like a recipe system. I plan on using
> > postgresql for data holding and now what might be a good way of now
> > doing the work.
> >
> i love postgresql :)
>
> > Think that an item has from 5 to 50 of 50 information fields. I am
> > adding a number of items together and specifying quantities of each
> > item trying to achieve levels that I previously specified.
> > The present application uses css and javascript and some other things
> > that are on the 'home' (program owner's) server.
> > Hopefully this description is clear enough and gives enough
> > information so that suggestions might be forthcoming. (I asked an
> > engineer friend and his suggestion was to use a monte carlo type of
> > system but that would be several levels more complex than I think
> > might be necessary for this application.)
> >
> i refuse to google "monte carlo type system" on duckduckgo.com...
> please put me out of my misery and tell me what a monte carlo type
> system is? ( I do love Monte Carlo also :) )
>
> Andre
>


-- 
David Thornton
https://wiki.quadratic.net
https://github.com/drthornt/
https://twitter.com/northdot9/
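
The procedure sketched in the message above (search uphill from one starting point, repeat from many random starting points, keep the best local result) is usually called random-restart hill climbing. The following is an added example, not code from the thread; the terrain, peak heights and function names are constructed for illustration.

```python
import math
import random
from typing import NamedTuple

# Constructed terrain: three Gaussian "mountains" on a 100 x 100 map,
# given as (x, y, height_m, width). Not real geography.
PEAKS = [
    (20.0, 25.0, 1085.0, 8.0),    # a "Snowdon": the best thing in its region
    (70.0, 30.0, 4800.0, 10.0),   # a taller, broader range
    (80.0, 85.0, 8849.0, 6.0),    # the "Everest": tallest, but narrow
]
SIZE = 100.0

# The eight compass directions a climber can step in.
DIRECTIONS = [(dx, dy) for dx in (-1, 0, 1) for dy in (-1, 0, 1)
              if (dx, dy) != (0, 0)]


class Summit(NamedTuple):
    x: float
    y: float
    height: float


def elevation(x: float, y: float) -> float:
    """Height of the toy terrain at (x, y)."""
    return sum(
        h * math.exp(-((x - px) ** 2 + (y - py) ** 2) / (2.0 * w * w))
        for px, py, h, w in PEAKS
    )


def climb(start, step: float = 1.0, min_step: float = 0.001) -> Summit:
    """Local search: move to the highest neighbour while one is higher;
    otherwise halve the step; stop once the step is below min_step."""
    x, y = start
    here = elevation(x, y)
    while step >= min_step:
        candidates = [
            (elevation(nx, ny), nx, ny)
            for nx, ny in ((x + dx * step, y + dy * step)
                           for dx, dy in DIRECTIONS)
            if 0.0 <= nx <= SIZE and 0.0 <= ny <= SIZE
        ]
        best = max(candidates)
        if best[0] > here:
            here, x, y = best
        else:
            step /= 2.0
    return Summit(x, y, here)


def random_restart(restarts: int, seed: int):
    """Run climb() from many random starts; return (best, all summits)."""
    rng = random.Random(seed)
    summits = [
        climb((rng.uniform(0.0, SIZE), rng.uniform(0.0, SIZE)))
        for _ in range(restarts)
    ]
    return max(summits, key=lambda s: s.height), summits


def distinct_summits(summits):
    """Collapse climbs that ended on the same summit (rounded to the metre)."""
    return sorted({round(s.height) for s in summits})


if __name__ == "__main__":
    # One climb that starts near the small peak stops there: a local maximum.
    print("single climb :", climb((22.0, 24.0)))
    best, summits = random_restart(100, seed=2018)
    print("100 restarts :", best)
    print("summits seen :", distinct_summits(summits))
```

The single climb never leaves the basin it started in, which is the "Snowdon is the highest place in the world" outcome; the restarts trade extra evaluations for a much better chance of landing in the narrow basin of the tallest peak.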


Re: [GTALUG] Dan Kaminsky Bugs aren't random ...

2018-08-14 Thread David Thornton via talk
Conjecture:

Developers are the worker bees, they don't decide what gets done. The
business decides what gets done. They are the expressers of morals and
values. They can choose to kowtow to the market or stand up for something
at odds with the crowd.

Classically businesses have operated with a short-sighted, reductionist,
"externalization of cost" mind set.

The cycle is roughly one employment term in length.  You just gotta push
the cost off to the next cohort and make off like a bandit myself (either
to the next hustle or retirement).

Show me a piece of software you use for greater than 10 years and I'll show
you a piece of software that's starting to mature (windows, chrome, linux?).

Sometimes maturity only comes through the death of the parent (klang, v8).

David






David Thornton @northdot9 https://wiki.quadratic.net

On Sat, Aug 11, 2018, 10:48 AM Russell Reiter via talk, 
wrote:

> Nice talk on the physics of power management in the most recent shared
> cache exploits. Defcon 26 was held in China this year.
>
> https://www.youtube.com/watch?v=f3cyCg7itOI
>
> Dan says;
> It can take looking at a few thousand bugs, but eventually hacking feels
> like getting really good at telling the same joke, over and over again.
> It's OK, the computer still laughs, but why isn't software engineering
> delivering the reliability and predictability of other engineering
> disciplines? That's a question with an answer. It's not an easy answer,
> like "devs are lazy" or "tools are bad". Who are hackers to complain about
> either? But it's an answer I intend to explore, in true hacker fashion, by
> seeing traditional boundaries as mostly false, but useful for identifying
> what to fuzz. Why should we separate the humans that write bugs, from the
> tools they use? Humans write tools. Why these tools in
> particular? Why would we separate forward and reverse engineering, dev from
> test? Wait, are those the same thing? Does any other field isolate the
> creator from the consequences of their creation? Is this going to be just
> some fluffy exploratory keynote? No, this is way too long a flight for
> that. We're going to talk about where I think software and hardware
> architecture is going to go, with actual code you're welcome to try to
> break. I'll tell you exactly where to look.


Re: [GTALUG] Anyone using React Native?

2018-05-02 Thread David Thornton via talk
That's probably _not_ a react problem.

I highly recommend using certbot for real "auto maintained" good, valid
certs for servers and make your TLS problems go away.

David


On Wed, May 2, 2018 at 5:03 PM, William Witteman via talk 
wrote:

> I was hoping to poke at React Native a little bit, but I have been
> having no end of trouble getting anything Node to work.
>
> Specifically, I keep getting CERT_UNTRUSTED errors when I do anything
> with npm in front of it.
>
> I am using Debian testing.  If anyone is using it, I'd love some pointers.
>
> Thanks!


Re: [GTALUG] The usual pre-meeting question... and answer, I suspect

2018-04-10 Thread David Thornton via talk
I did kinton ramen with scott a couple of weeks ago.

Wus gud

David Thornton @northdot9 https://www.quadratic.net

On Tue, Apr 10, 2018, 10:21 AM D. Hugh Redelmeier via talk, 
wrote:

> | From: Evan Leibovitch via talk 
>
> | I think everyone has settled into Kabul Express unless told otherwise.
> | At least it satisfies the capacity and ambient noise requirements.
>
> Agreed.
>
> I like KE but am getting a little bored of it.  We should figure out an
> alternative, perhaps for next time.
>
> As a starting point FOR NEXT MONTH, I'll suggest our old favourite,
> Shops at Aura Food Court.  This includes Kaiju.
>
> <
> https://wiki.gtalug.org/pre-meeting_dinner#shops_at_aura_food_court_384_yonge_street
> >
>
> Or perhaps Kinton Ramen -- it seems close.  I've added it to the wiki
> page.  Has anyone been?
>
> 
>
> There were some nice places nearby on Yonge but I don't know if they
> have been replaced by condos.  We should check.
>
> Stewart: you seem to be up on these things.  Anything to correct or add?


[GTALUG] Comparison of source code hosting

2018-03-13 Thread David Thornton via talk
The wiki treatment... lots of data

https://en.m.wikipedia.org/wiki/Comparison_of_source_code_hosting_facilities?wprov=sfla1

David Thornton @northdot9 https://www.quadratic.net


Re: [GTALUG] IBM Mainframe and z/OS

2017-12-03 Thread David Thornton via talk
hey I thought I should let you know that "r360design.ca" doesn't work for
me.

Is that supposed to be a valid domain?

David



On Sun, Dec 3, 2017 at 10:33 PM, R360 Design INC via talk 
wrote:

> Hello everyone,
>
> Does anyone know how I could gain hands-on experience on an IBM mainframe?
> This is a career path I'd like to pursue - i.e. Websphere zOS consultant or
> CICS. I am currently a UoT student and was wondering how people  gain
> experience
>
>
>
> --
> r360design.ca
>
>
>
> --
> r360design.ca
>


Re: [GTALUG] Fan Control on Linux

2017-11-12 Thread David Thornton via talk
I find that sometimes different distros have different default supported
configs and grok to different degrees various features and hardware.

You might try booting various live cds and see what they grok. I loved
knoppix to quickly tell how linux friendly a given machine is. Maybe ubuntu
or fedora will give you a different view.

Live cds often have elaborate complete detection stages... boot and see
what chips and config it detects.

You might try older versions of distros that have better support for older
hardware. Maybe try the version of the live cd that was released one year
after the introduction of the laptop.


David

David Thornton @northdot9 https://www.quadratic.net

On Nov 11, 2017 4:36 AM, "ac via talk"  wrote:

> On Fri, 10 Nov 2017 20:37:43 -0500
> Kevin Cozens via talk  wrote:
> > On 2017-11-10 03:31 PM, Giles Orr via talk wrote:
> > > I have a very old laptop I'm trying to rehabilitate and use with
> > > Debian: it's got an AMD Turion chip and 1G of RAM.  Works fine.
> > > But one annoying problem under Linux: the fan runs flat out all the
> > > time.
> > If the fan connection to the MB is only two pins it may not have the
> > ability to operate at anything other than full speed. Check the MB
>
> keyword, 'may' on my notebook the main fan has two pins but it has
> variable speed... so i guess ymmv
>
> so +1 for checking the manual or contact manufacturer website/support
>
> > manual. As this is a laptop you may find it hard to locate
> > information about fan control.
> > You could add a circuit to do variable speed control of the fan but
> > it may be difficult, if not impossible, to fit it in to the laptop case.
> >
> again depending on notebook/laptop model... many of the older models
> (before space became such a fixating factor) actually has lots of crawl
> space, just yesterday i added some custom components to one of
> my old HP's and recall thinking how cool it is that it can all fit
> inside the case :)
>
> Andre


Re: [GTALUG] Vi-keybinding for MS-Word

2017-06-24 Thread David Thornton via talk
why not vim for windows?

http://www.vim.org/download.php

David

On Fri, Jun 23, 2017 at 12:03 AM, William Park via talk 
wrote:

> I have no choice but to use MS-Office (mostly, Word and Outlook).  And,
> my productivity is very low.
>
> Is there Vi-keybinding for Word or Outlook, just for cursor movement and
> editing text?
> --
> William


Re: [GTALUG] Question [about network security and privacy]

2017-06-15 Thread David Thornton via talk
I stumbled across a project called pihole that makes a pi a hygiene proxy.
I ripped from it the logic that does the "bad guy" list maintenance which
includes some windows and apple spyware address ranges. A dynamic blacklist
would be the way to go in my opinion.

The system blackholes the dns entries.

I like it.

David

On Wed, Jun 14, 2017, 9:34 PM o1bigtenor via talk,  wrote:

> On Wed, Jun 14, 2017 at 9:07 AM, Kevin Cozens via talk 
> wrote:
>
>> On 2017-06-14 06:49 AM, o1bigtenor via talk wrote:
>>
>>> don't want the stupid thing to be transmitting. According to the 'idiots'
>>> selling the thing it will only transmit AFTER its been logged onto the
>>> companies 'cloud' (like I'm going to pay for insecurity!!). There seems
>>> to be no understanding that 1. I don't want their access to my data
>>>
>> [snip]
>>
>>> Somehow the sellers (and manufacturer) are missing the point that if the
>>> machine can send cell phone signals it can also receive them - - - and I
>>> won't allow that if I can help it.
>>>
>> [snip]
>>
>>> How could I disable this 'feature'?
>>>
>>
>> One option is to attempt to root the device (if it is the type to have a
>> root mode) and see if you can disable it. The other option is to see if you
>> can install some kind of firewall software to at least limit what it will listen
>> to and/or send to.
>>
>>
> Greetings
>
> These ideas are pretty good ones, and I am looking into them, but all of
> this presupposes at least a somewhat willing machine user (willing to root
> or physical changes or ). What about the other 95% of the users who
> have no idea how vulnerable they are. I'm thinking a better thing would be
> start a 'shame' list that gets broad-casted at the next major computer
> security conference of the multi-nationals that are using an implied
> consent from their customers placing those same customers in a
> (computer/telecommunications type) potentially very vulnerable position of
> not really having their personal health information given the security it
> deserves. The sales reps are talking about how it meets the standards but
> they sure are answering questions when I'm asking about any controls on
> outside calls into the machine that might alter its functions!
>
> What say you to this form of push for a change?
>
> Dee
>
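
The list maintenance and DNS blackholing described in the reply above, as an added example that is not Pi-hole's code and not from the thread: feeds in hosts or plain-domain format are merged, validated, de-duplicated and filtered through an allowlist, and a lookup for a listed name is answered with a sinkhole address. The feed contents, domain names, upstream answers and the choice of `0.0.0.0` as sinkhole are constructed assumptions.

```python
import ipaddress
import re

SINK = "0.0.0.0"   # assumed sinkhole address returned for blocked names
LABEL = r"(?!-)[a-z0-9-]{1,63}(?<!-)"
DOMAIN_RE = re.compile(rf"^{LABEL}(?:\.{LABEL})+$")
LOCAL_NAMES = {"localhost", "localhost.localdomain", "broadcasthost"}

# Constructed sample feeds (reserved .example names, documentation IPs).
FEED_HOSTS = """\
# constructed feed, hosts format
127.0.0.1 localhost
0.0.0.0 0.0.0.0
0.0.0.0 telemetry.vendor.example   # inline comment
0.0.0.0 Ads.Tracker.Example.
0.0.0.0 updates.vendor.example
"""
FEED_PLAIN = """\
ads.tracker.example
metrics.tracker.example
not a domain!!
-bad-.example
192.0.2.10
"""


def is_ip(token: str) -> bool:
    try:
        ipaddress.ip_address(token)
        return True
    except ValueError:
        return False


def parse_feed(text: str) -> set:
    """Extract valid, normalised domain names from one feed."""
    domains = set()
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip().lower()
        if not line:
            continue
        fields = line.split()
        # hosts format: "<ip> <name> [<name>...]"; plain lists: one name per line
        names = fields[1:] if is_ip(fields[0]) else fields[:1]
        for name in names:
            name = name.rstrip(".")
            if (name not in LOCAL_NAMES and not is_ip(name)
                    and len(name) <= 253 and DOMAIN_RE.match(name)):
                domains.add(name)
    return domains


def build_blocklist(feeds, allowlist=()) -> set:
    """Union of all feeds minus the locally maintained allowlist."""
    blocked = set()
    for text in feeds:
        blocked |= parse_feed(text)
    return blocked - {a.lower().rstrip(".") for a in allowlist}


def changes(old: set, new: set):
    """What a refresh added and removed, for review before deployment."""
    return sorted(new - old), sorted(old - new)


def answer(qname: str, blocklist: set, upstream: dict):
    """Blackhole listed names; otherwise return the upstream answer.
    None stands for 'no such name'."""
    name = qname.lower().rstrip(".")
    return SINK if name in blocklist else upstream.get(name)


def to_hosts(blocklist: set) -> list:
    """Render the list as hosts-format lines for a resolver to load."""
    return [f"{SINK} {name}" for name in sorted(blocklist)]


if __name__ == "__main__":
    current = build_blocklist([FEED_HOSTS, FEED_PLAIN],
                              allowlist=["updates.vendor.example"])
    print("\n".join(to_hosts(current)))
```

The allowlist entry shows why curation matters as much as the feeds: a name that a feed marks as unwanted but that the device needs (here a constructed update host) stays resolvable.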


Re: [GTALUG] Fw: surprise!

2017-04-08 Thread David Thornton via talk
Mauro, how do I "like" your email? I can't find the "like" button on my
mail client.

:)


David Thornton @northdot9 https://www.quadratic.net

On Apr 7, 2017 9:03 PM, "Mauro Souza via talk"  wrote:

> One of my hobbies is to download those sites with wget and a fake user
> agent string,  and analyze them. If they are phishing, I like to flood it
> with random fake logins and passwords.
>
> I once got a keylogger sending the logs by FTP. I connected to it, deleted
> every log, and chmoded a-w the directory. The owner of the keylogger must
> have been surprised to see his logger didn't work.
>
> On Apr 7, 2017 9:13 PM, "Peter Hiscocks via talk"  wrote:
>
>> Yeah, it reminds me of my experience dealing with a group of bikers. "We
>> have a present for you." they said at one point.
>>
>> The gift didn't work out, and I'm still here ;).
>>
>> P.
>>
>>
>>
>>
>> > What the... okay, I think it's safe to say *don't open the damned link".
>> >
>> > Somebody got pwned.
>> >
>> > W.
>> >
>> > On 7 Apr 2017 18:33, "GTALUG Talk via talk"  wrote:
>> >
>> >> Yo!
>> >>
>> >>
>> >>
>> >> I've got something awesome that is going to surprise you, just take a
>> >> look open
>> >> link 
>> >>
>> >>
>> >>
>> >> GTALUG Talk
>> >>
>> >>
>> >>
>>
>>
>> --
>> Peter Hiscocks
>> Syscomp Electronic Design Limited, Toronto
>> http://www.syscompdesign.com
>> USB Oscilloscope and Waveform Generator
>> 647-839-0325
>>
>


Re: [GTALUG] Raspberry Pi Zero w/ Wifi + Bluetooth Released today...

2017-02-28 Thread David Thornton via talk
drool

On Tue, Feb 28, 2017 at 8:55 AM, Scott Sullivan via talk 
wrote:

> ... I managed to get through and order one. Anyone else?
>
> https://www.raspberrypi.org/blog/raspberry-pi-zero-w-joins-family/
>
> --
> Scott Sullivan


[GTALUG] On learning something new

2016-10-11 Thread David Thornton via talk
Hey guys,

I saw this and thought about how we give talks to further our own
understanding on a topic rather than not doing a talk until we feel like experts.

https://lettertoanewmanager.wordpress.com/2016/08/01/three-steps-to-get-up-to-speed-on-any-subject-really-really-fast-fast-company-business-innovation/

What are you learning now? Come give us a talk on it and further your own
understanding.

David

David Thornton @northdot9 https://www.quadratic.net


Re: [GTALUG] Setting up a VM host

2016-09-06 Thread David Thornton via talk
So I didn't know that about qemu.  I've been thinking about doing a Linux
from scratch for my pi Zero. I feel like qemu would be the tool to do that.

At the risk of forking the thread... anyone done that?

On Tue, Sep 6, 2016, 9:18 AM Lennart Sorensen via talk 
wrote:

> On Sat, Sep 03, 2016 at 07:39:30PM -0400, William Park via talk wrote:
> > This is where my confusion starts...
> >
> > - I can run VirtualBox or QEMU, but not both at the same time.
>
> You can run qemu without -enable-kvm at the same time as virtualbox,
> but it is quite slow when run that way.  It is only when running kvm
> (which is qemu with -enable-kvm) that you can't run virtualbox (and
> probably not vmware either for that matter).  Only one vm system using
> vt-x can be enabled at a time.
>
> > - VirtualBox can run with or without KVM modules.
>
> No apparently virtualbox can not run if kvm kernel modules are loaded.
>
> > - QEMU requires KVM modules.
>
> Only if you run it with -enable-kvm.  Otherwise it does its own (slower)
> thing.
>
> > Current machine: i3 cpu, H97 chipset
>
> As far as I know all i3 chips have vt-x, so that should be fine.
>
> --
> Len Sorensen


Re: [GTALUG] Setting up a VM host

2016-08-26 Thread David Thornton via talk
I've used proxmox. It got me up and running with a gui quick.

But I've also used virtual box (oracle : yuck) and that also got me up and
running quick.

"professionally" I sit in front of a lot of vmware, but that's closed / for
pay / proprietary / expensive (but feature rich).

(I've not used libvirt / rhev / kvm so my perspective is limited)

David


On Fri, Aug 26, 2016 at 11:34 AM, Lennart Sorensen via talk  wrote:

> On Fri, Aug 26, 2016 at 10:37:37AM -0400, Giles Orr via talk wrote:
> > If I wanted to set up a host for a bunch of headless VMs, what's the
> > OS/Hypervisor to run these days?  I'm doing this out of curiosity and
> > for testing purposes.  I don't exactly have appropriate hardware - an
> > i5 with 16GB of memory - but it should be sufficient to run 5-10 VMs
> > for my very limited purposes (private network, none of the VMs will be
> > public-facing).  QEMU/KVM looks like the best choice for a FOSS
> > advocate?  Other recommendations?  I could particularly use a good
> > HOWTO or tutorial if anyone knows of one.  Thanks.
>
> I certainly like kvm.  Works well.  Finding examples for how to start it
> isn't hard.  I am personally NOT a fan of libvirt and the associated
> crap it provides and much prefer just making a shell script to pass
> the right arguments to qemu myself.
>
> As long as you have VT support (Most if not all i5s do, as long as it
> is on in the BIOS/UEFI), I would think that should be fine.  16GB would
> certainly allow you 10 1GB or 5 2GB VMs without any issue.  Creative
> people would try and use KMS (kernel memory sharing I think it is),
> to merge identical pages between VMs to save some resources.  It's a
> neat feature.
>
> Depending on what you intend to do with them and put in them, some people
> might use containers instead (like lxc and such).  It has its own
> limitations but uses less resources.  If you are looking to run different
> OSs though, then containers are not what you want.
>
> --
> Len Sorensen