Re: Huawei on Mount Everest

2020-05-02 Thread Mark Rousell
On 01/05/2020 19:13, Eric Tykwinski wrote:
> how the hell are they going to get power up there for dependability.
> Solar power sure is a great option, but I was under the assumption
> that repairs will be hell to put it bluntly.
> Batteries in that cold of a climate is also a regular trip, which
> doesn’t seem feasible, unless there’s something I don’t know.

RTG of course. :-)

To be thrown down a crevasse when it is finished with...

-- 
Mark Rousell

PGP public key: http://www.signal100.com/markr/pgp
Key ID: C9C5C162
 
 
 



Re: idiot reponse

2020-02-26 Thread Mark Rousell
On 27/02/2020 00:30, Patrick Schultz wrote:
>
> I've also seen employees leaving companies and their addresses being
> rerouted to the support mailbox.
>

That's a very interesting point. I had not considered it as a possible
cause of this problem.


-- 
Mark Rousell



Re: idiot reponse

2020-02-26 Thread Mark Rousell
On 26/02/2020 16:24, Randy Bush wrote:
> act...@nanog.org seems to no longer exist.  how should i be whining
> about the following?
>
> From: Electric Forest Festival 
> Subject: Forest HQ Has Received Your Message: Re: Hi-Rise Building Fiber 
> Suggestions
> To: ra...@psg.com
> Date: Wed, 26 Feb 2020 16:15:25 +
>
>   Electric Forest 2020 will take place on June 25-28, 2020.   Forest HQ has 
> received your email. Help save precious resources by reviewing the 
> information below and looking up common questions in The Forest Frequently 
> Asked Questions: Experience.ElectricForestFestival.com  Please contact 
> Festival Ticketing Support at 855-279-6941 for all issue regarding your 
> purchase or for account troubleshooting.  Electric Forest is sold out. Lyte 
> is the only HQ endorsed way to get passes now that it’s sold out.  To know 
> when all things Electric Forest 2020 are happening sign up to the EF 
> Newsletter.  Happy Forest!  

This (or what it appears to be) is happening on an increasing number of
mail lists. It's not many but it's there. I don't know who is behind it
or why, but it's an increasing annoyance.

This is a quick summary of what seems to be happening:
(1) A legitimate company's or organisation's helpdesk email address is
signed up to a mail list like this one.
(2) Every time someone posts to the list, they receive an automated
notification from the helpdesk.
(3) On mail lists where DMARC mitigation is in effect, the notification
comes back to the mail list.
(4) A consistent pattern is that the helpdesk staff seem utterly
incapable of unsubscribing themselves from the list. They always seem to
need to be unsubscribed by a list admin.

The key question to my mind is how do these helpdesks get signed up at
all? Presumably it's not the helpdesk staff themselves signing them up.
It would appear that someone, somewhere has found a vulnerability in
Mailman (as far as I can recall I've only seen this on Mailman lists)
and is intentionally signing up legitimate company helpdesks to mail lists.

Lists with an active admin/mod can fix the problem quickly by
unsubscribing the helpdesk.

Is it an attempted (rather feeble) DoS on the mail lists affected, on
the concept of a mail list, or on the companies affected? I don't know.
I can't see any real point to it. But it's happening.



-- 
Mark Rousell
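
A list-admin-side check for the loop described in the message above, as an added example that is not part of the original post or of Mailman: it flags likely auto-responses by the RFC 3834 Auto-Submitted header, the non-standard Precedence: auto_reply header and an acknowledgement-style subject, then lists the senders to review for unsubscription. The sample messages, the subject patterns and the function names are constructed for illustration.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr

# Constructed sample messages (not real list traffic).
HELPDESK_REPLY = """\
From: Example Helpdesk <support@helpdesk.example>
Subject: We Have Received Your Message: Re: Fiber Suggestions
Auto-Submitted: auto-replied

Thanks for contacting us. A ticket has been opened.
"""
BARE_ACK = """\
From: frontdesk@shop.example
Subject: Your request has been received: Re: Fiber Suggestions

We will reply within two working days.
"""
NORMAL_POST = """\
From: Alice <alice@example.org>
Subject: Re: Fiber Suggestions

I would run single-mode fibre to every floor.
"""

# Assumed heuristic: subject phrases typical of ticketing acknowledgements.
ACK_SUBJECT = re.compile(
    r"received your (message|e-?mail|request)|has been received", re.I)

# Reasons a message looks like an automatic response (empty list if none).
def autoresponse_reasons(raw):
    msg = message_from_string(raw, policy=policy.default)
    reasons = []
    auto = str(msg.get("Auto-Submitted", "")).strip().lower()
    if auto and auto != "no":  # RFC 3834: any value other than "no"
        reasons.append("Auto-Submitted: " + auto)
    if str(msg.get("Precedence", "")).strip().lower() == "auto_reply":
        reasons.append("Precedence: auto_reply")  # non-standard but common
    if ACK_SUBJECT.search(str(msg.get("Subject", ""))):
        reasons.append("acknowledgement-style subject")
    return reasons

def senders_to_review(raw_messages):
    flagged = {}  # sender address -> reasons; hold these for moderation
    for raw in raw_messages:
        reasons = autoresponse_reasons(raw)
        if reasons:
            sender = parseaddr(str(message_from_string(raw)["From"]))[1].lower()
            flagged.setdefault(sender, []).extend(reasons)
    return flagged
```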



Re: Thursday: Internet outage eastern Europe Iran and Turkey

2019-12-22 Thread Mark Rousell
On 22/12/2019 02:08, Christopher Morrow wrote:
> outages@ is that list I think?

For anyone looking for it: https://puck.nether.net/mailman/listinfo/outages

-- 
Mark Rousell



Re: PSA: change your fedex.com account logins

2019-06-01 Thread Mark Rousell
On 31/05/2019 16:02, Niels Bakker wrote:
> * r...@gsp.org (Rich Kulawiec) [Fri 31 May 2019, 16:18 CEST]:
> [...]
>> This is hardly surprising: many of them are spammers-for-hire, many of
>> them use invasive tracking/spyware, and none of them actually care in
>> the slightest about privacy or security -- after all, it's not *their*
>> data, why should they?
>
> Which is why we now have GDPR.  Care, or get fined.

Not quite so simple, though, is it. If you want to make a complaint then
you have to get your EU national data protection regulator interested.
Even the worst-leaking ESPs are unlikely to generate many complaints, I
suspect. And if they are located outside the EU with no direct business
presence within the EU then it requires the regulator to make approaches
to foreign governments who might or might not be willing to cooperate.

In the UK the data protection regulator is the ICO and,
whilst it is perhaps one of the better UK regulatory agencies, I still
wouldn't hold out much hope of getting them to do anything like this
(where multiple levels of evidence would need to be collected) in
individual cases.

> Unfortunately it's not that easy; the few large remaining mail hosters
> at best have opaque procedures when it comes to accepting mail.

Sadly so but I think that if you have a decent and consistent volume
(and follow all the usual good hygiene requirements) then it should be
possible to get on their automated radar in a positive way. It seems to
me that it's small volume senders who have the real deliverability problems.

-- 
Mark Rousell



Re: EXERCISE: 2019 IAA Planetary Defence Conference - Day 5 Scenario

2019-05-08 Thread Mark Rousell
On 08/05/2019 02:44, Sean Donelan wrote:
> Of course, any fictional scenario is more likely to hit an ocean or
> miss the planet. But that makes for a dull exercise.

An ocean impact needn't be boring. It would potentially create
megatsunamis over a possibly wide area on multiple coasts. Even cities
away from coasts but on rivers could be affected.

A large ocean impactor could even damage undersea cables.

-- 
Mark Rousell



Re: bloomberg on supermicro: sky is falling

2018-10-04 Thread Mark Rousell
On 04/10/2018 22:28, Naslund, Steve wrote:
>
> Quite different really.  FIREWALK is really an intercept device to get
> data out of a firewalled or air gapped network.  The exploit Bloomberg
> describes would modify or alter data going across a server’s bus.  The
> big difference is the Bloomberg device needs command and control and a
> place to dump the tapped data to over the server’s network
> connection.  That device is not going to be able to do so out of any
> classified military network I have ever worked on.  Or anyone with a
> halfway decent firewall (which I would assume Apple and Amazon would
> have for the internal servers).  I think this article is unlikely to
> be true for the following reasons :
>
>  
>
> 1.   Separate chip is much more detectable physically than an
> altered chipset that is already on the board.
>
> 2.   Requires motherboard redesign to get access to power and
> buses needed (again easily detectable during any design mods “hey does
> anyone know what these are for?”)
>
> 3.   Does not have onboard communications so it will be sending
> data traffic on the network interfaces (will definitely trigger even
> the most rudimentary IDP systems). It relies on these backbone
> Internet companies and Intelligence agencies to have absolutely
> abysmal security on their networks to be at all useful.
>
> 4.   Parts would have to be brought into the plant, stored
> somewhere, and all the internal systems would need a trail of  where
> the part came from, how ordered it, where it is warehoused, loaded
> into pick/place, etc.  Much better to compromise an existing chip's
> supply chain.
>

Whatever the truth here, I'm sure that the article as it is written
isn't telling us everything. There's more to this than meets the eye
including, quite possibly, the full facts about how data would be
exfiltrated and/or, perhaps, exactly what was done to the customers'
hardware.

> Does anyone think that someone somewhere is trying to kill
> Supermicro?  They sure have had a lot of bad news lately.
>

Who knows. Perhaps we are intended to come away with certain impressions.

-- 
Mark Rousell



Re: bloomberg on supermicro: sky is falling

2018-10-04 Thread Mark Rousell
On 04/10/2018 22:00, Naslund, Steve wrote:
> The other thing I am highly skeptical of is the suggestion of attempting to 
> tap sensitive intel agency systems this way.  Talking to a C&C server is 
> suicide from within their network.  How long do you think it would take them 
> to detect a reach out to the Internet from inside?  How are you going to get 
> the data from the outside back into their network?  You still have to defeat 
> their firewalls to do it.  If this was targeted to specialized video 
> processing server then would it not be unusual for them to be talking to some 
> random IP address on the Internet?

If I understand the article correctly, all the 'infected' systems were
built for outsourced service providers so not intended directly for the
most sensitive of systems. Still, I agree that network activity is
inevitably going to be seen in any modern competent network. In fact,
the article states that odd network traffic is how Apple found out about
the implants.

I have observed that a common trait in technically complex stories like
this is that we are not seeing the whole story. Key facts that cause
everything to make sense to technical readers are often left out, either
because those who have the information cannot release it (for safety or
security reasons) or because it's perceived as too complex for the
readership to understand. Sometimes these issues even result in
deliberate inaccuracies being introduced.

To put it another way: Considering that, if true, these were carefully
targeted attacks it is possible that there were other ways to exfiltrate
the target data that have been glossed over.

That said, even in highly complex or high cost plans, people sometimes
make basic errors. Misplaced decimal places, wrong units, etc. Perhaps
relying on network access was another basic error.

-- 
Mark Rousell



Re: bloomberg on supermicro: sky is falling

2018-10-04 Thread Mark Rousell
On 04/10/2018 20:26, William Herrin wrote:
> On Thu, Oct 4, 2018 at 3:07 PM Denys Fedoryshchenko wrote:
>> It would be better for them(AMZN, SMCI, AAPL)  to prove that these
>> events did not take place - in court.
> "Can't prove a negative."

You can in effect do so by suing for defamation. It's then up to the
person who has made allegedly defamatory claims to prove their claims.
If they can't prove their claims in court then the claims are, in
effect, proven to be false.

However, I'm not sure that Amazon, Apple or Supermicro have actually
been defamed by the article in question. In other words, there could be
nothing to sue for. The PLA and Chinese government would have been
defamed (if the claims are untrue) but that's a different matter. Any
lawyers want to offer an opinion?

> The Bloomberg article described them as looking like "signal
> conditioning couplers" on the motherboard. There is no such part on
> server boards but maybe they meant optoisolators or power conditioning
> capacitors. The former is a hard place to tweak the BMC from without a
> high probability of crashing it. The latter doesn't touch the data
> lines at all.

The mystery object in the pictures in the article seemed to me to (sort
of) resemble a surface mount power conditioning capacitor. Note that
there was no suggestion that the mystery objects were connected in place
of capacitors; the article merely claimed that they were visually
disguised. They would obviously have to connect to data lines somewhere
to do what is claimed.

> They also quoted someone describing such a hack as being "like
> witnessing a unicorn jumping over a rainbow." I agree.

It doesn't seem so unreasonable to me. If true, this is not a matter of
fitting the mystery components to random hardware and hoping that they
go somewhere useful. Instead, these were specific models of hardware
being manufactured for specific customers for use in specific
locations/roles. In other words, it was near-guaranteed that the
hardware (or at least some of it) would end up being used in a location
that carried 'interesting' target data. As such, this would be, if true,
an example of very carefully targeted espionage, not some random lucky
miracle.

-- 
Mark Rousell



Re: Whois vs GDPR, latest news

2018-05-21 Thread Mark Rousell
On 17/05/2018 19:03, Zbyněk Pospíchal wrote:
> On 17/05/2018 at 18:14 Sander Steffann wrote:
>> Hi,
>>
>> But this regulation increases essential liberty for individuals, so I don't 
>> understand your argument...
> No, it doesn't. It has two aspects:
>
> [...]

Very well said.

-- 
Mark Rousell



Re: Email security: PGP/GPG & S/MIME vulnerability drop imminent

2018-05-15 Thread Mark Rousell
On 15/05/2018 10:34, Rich Kulawiec wrote:
> On Mon, May 14, 2018 at 01:47:50PM +0530, Suresh Ramasubramanian wrote:
>> TL;DR = Don't use HTML email [snip]
> 
> That's enough right there.  HTML markup in email is used exclusively
> by three kinds of people: (1) ignorant newbies who don't know any
> better (2) ineducable morons who refuse to learn (3) spammers.
> There are no exceptions.
> 
> ---rsk

If only life were so simple.

I used to be a resolute user of plain text-only email. It was good
enough for me.

And then I realised how absurdly old fashioned this appeared to my
clients. I'd send them emails explaining what I was going to do or about
the new product or service, and it just looked boring and backward. I
realised that I could no longer stick to plain text: It was actually
harming my business.

The world has moved on and rich content everywhere is now a must. It's
no longer optional (although of course it depends on with whom one
communicates).

Yes, you can blame this on "ignorant newbies who don't know any better"
but bear in mind that they are now the vast majority of users. They are
the ones ultimately paying the bills and we have to adapt to their
preferences, and not them to us.



P.S. And I agree with Suresh in the previous message. It is true that
there is a real problem here (more with S/MIME than PGP/GPG in practice)
but it's being hyped up and overblown. The content does not fully
support the headlines.


-- 
Mark Rousell