Skip to content

Blog

Articles written by the site owner

46 Topics 276 Posts
  • 87 Votes
    124 Posts
    10k Views

    @crazycells Seems this link requires you to sign up for NY times. Adding the below to replace it

    https://www.theverge.com/2016/3/24/11297050/tay-microsoft-chatbot-racist

  • CSS border gradients

    10
    2 Votes
    10 Posts
    50 Views

    ah f5 need 🙂

  • 3 Votes
    4 Posts
    189 Views

    I’ve been using this service for a couple of days now, and it’s made my internet access so much faster. That alone is a plus, and I never thought there would be a contender for Cloudflare in this area.

  • 2 Votes
    1 Posts
    113 Views

    I came across this news article this morning

    https://news.sky.com/story/e3-cancelled-gamings-most-famous-event-killed-off-for-good-13028802

    This really is the end of an era, and it’s abundantly clear that the pandemic had a large part to play in its demise. From the article:

    It comes after plans for its return earlier this year were scrapped, with the likes of PlayStation maker Sony and Assassin’s Creed developer Ubisoft among the companies that planned to skip it.

    When big players such as Sony and Ubisoft do not plan on attending, the writing is on the wall. During the pandemic, various organisations were forced to adopt new ways of promoting their products, with live streams becoming the new normal - and by order of magnitude, a much cheaper alternative that has the same impact.

    This clearly demonstrates that technology is continually evolving, and there doesn’t seem to be any signs of a return to previous pre-pandemic forms on multiple fronts. Just look at how the work from home model has dramatically changed, with virtually every organisation having some form or remote working program they never considered before.

    Along the same lines, companies that were relatively minor before the pandemic have enjoyed a meteoric rise since being in a unique position to fill the void created by the pandemic. Out of the many is Zoom - take a look at the revenue graph below for an example

    b486247b-8af4-4b6a-b180-c27838d2c59f-image.png

    Source - https://www.businessofapps.com/data/zoom-statistics/

    At the peak of pandemic. Zoom reported 200m connections per day, and whilst that figure may have dropped of late, Zoom is still considered the #1 video conferencing tool and used in day-to-day life to facilitate meetings across the globe - even for people sitting in the same office space.

    However you look at it, most of these pandemic “rising stars” are now here to stay and considered part of everyday life.

  • 13 Votes
    17 Posts
    468 Views

    @小城风雨多 I was a die-hard OnePlus user since the 6T, but my experience with the 9 series has left me extremely disappointed and I probably won’t go back now I have a Samsung S23+ which works perfectly.

  • 1 Votes
    3 Posts
    136 Views

    @DownPW absolutely. Then there’s also the cost of having to replace aging hardware - for both the production site, and the recovery location.

  • 2 Votes
    1 Posts
    105 Views

    Just seen this post pop up on Sky News

    https://news.sky.com/story/elon-musks-brain-chip-firm-given-all-clear-to-recruit-for-human-trials-12965469

    He has claimed the devices are so safe he would happily use his children as test subjects.

    Is this guy completely insane? You’d seriously use your kids as Guinea Pigs in human trials?? This guy clearly has easily more money than sense, and anyone who’d put their children in danger in the name of technology “advances” should seriously question their own ethics - and I’m honestly shocked that nobody else seems to have a comment about this.

    This entire “experiment” is dangerous to say the least in my view as there is huge potential for error. However, reading the below article where a paralyzed man was able to walk again thanks to a neuro “bridge” is truly ground breaking and life changing for that individual.

    https://news.sky.com/story/paralysed-man-walks-again-thanks-to-digital-bridge-that-wirelessly-reconnects-brain-and-spinal-cord-12888128

    However, this is reputable Swiss technology at it’s finest - Switzerland’s Lausanne University Hospital, the University of Lausanne, and the Swiss Federal Institute of Technology Lausanne were all involved in this process and the implants themselves were developed by the French Atomic Energy Commission.

    Musk’s “off the cuff” remark makes the entire process sound “cavalier” in my view and the brain isn’t something that can be manipulated without dire consequences for the patient if you get it wrong.

    I daresay there are going to agreements composed by lawyers which each recipient of this technology will need to sign so that it exonerates Neuralink and it’s executives of all responsibility should anything go wrong.

    I must admit, I’m torn here (in the sense of the Swiss experiment) - part of me finds it morally wrong to interfere with the human brain like this because of the potential for irreversible damage, although the benefits are huge, obviously life changing for the recipient, and in most cases may outweigh the risk (at what level I cannot comment not being a neurosurgeon of course).

    Interested in other views - would you offer yourself as a test subject for this? If I were in a wheelchair and couldn’t move, I probably would I think, but would need assurance that such technology and it’s associated procedure is safe, which at this stage, I’m not convinced it’s a guarantee that can be given. There are of course no real guarantees with anything these days, but this is a leap of faith that once taken, cannot be reversed if it goes wrong.

  • How do you manage IT pros?

    Moved
    3
    1 Votes
    3 Posts
    149 Views

    @DownPW yes, exactly my point.

  • 1 Votes
    3 Posts
    160 Views

    @Panda said in Wasting time on a system that hangs on boot:

    Why do you prefer to use KDE Linux distro, over say Ubuntu?

    A matter of taste really. I’ve tried pretty much every Linux distro out there over the years, and whilst I started with Ubuntu, I used Linux mint for a long time also. All of them are Debian backed anyway 😁

    I guess I feel in love with KDE (Neon) because of the amount of effort they’d gone to in relation to the UI.

    I agree about the lead and the OS statement which is why I suspect that Windows simply ignored it (although the Device also worked fine there, so it clearly wasn’t that faulty)

  • 16 Votes
    12 Posts
    314 Views

    @phenomlab 👍

  • 10 Votes
    12 Posts
    375 Views

    @veronikya said in Cloudflare bot fight mode and Google search:

    docker modifications are a pain in the ass,

    I couldn’t have put that better myself - such an accurate analogy. I too have “been there” with this pain factor, and I swore I’d never do it again.

  • 2 Votes
    3 Posts
    140 Views

    @DownPW If you don’t mind a retro display type of Dot Matrix - why on earth would anyone want that? I get the concept, but it’s nothing more than a gimmick and adds zero value to the operation of the handset.

    Sustainable product… with a £600 plus price tag…

    “Nothing Phone”? More like “Nothing Special” 😄

  • 9 Votes
    12 Posts
    295 Views

    @crazycells said in ION brings clients back online after ransomware attack:

    you know, they believe the world revolves around them

    Haha, yes. And they invented s*x.

  • 4 Votes
    3 Posts
    222 Views

    @Panda Sorry - it’ll be there now. I am also using a “curse words” plugin that looks for a**, but also blocks “assets” - not very well written sadly…

  • 6 Votes
    6 Posts
    155 Views

    @DownPW agree. I think the warm and welcoming atmosphere is what makes people return. I like the idea that members feel free to come and go as they please, but even if they are away for a while, they come back to the same experience every time.

  • 5 Votes
    4 Posts
    476 Views

    @crazycells I guess the worst part for me was the trolling - made so much worse by the fact that the moderators allowed it to continue, insisting that the PeerLyst coming was seeing an example by allowing the community to “self moderate” - such a statement being completely ridiculous, and it wasn’t until someone else other than myself pointed out that all of this toxic activity could in fact be crawled by Google, that they decided to step in and start deleting posts.

    In fact, it reached a boiling point where the CEO herself had to step in and post an article stating their justification for “self moderation” which simply doesn’t work.

    The evidence here speaks for itself.

  • 1 Votes
    1 Posts
    152 Views

    At the heart of today’s communications is a network. Ranging from simplistic to complex, each of these frameworks plays a pivotal role in joining disparate nodes together. But what happens when a design or security flaw impacts the speed, functionality, and overall security of your network ?

    What factors create a network ?

    A network is a collection of components that, when joined together, provide the necessary transit to carry information from one system to another. The fundamental purpose of a network is to establish inter-connectivity between disparate locations, leverage a mutually understood communication language, and allow traffic to pass over a physical or logical link. The endless possibilities provided by a modern network allows businesses and individuals to communicate seamlessly, allowing for collaboration, communication, and integration whilst providing a centralized model for overall management.

    The network has its origins set back as far as the 1960’s, and over the years, various implementations of connectivity standards and the associated fabric dawned and waned. The consolidation of these proposals (known as RFC) created three new standards – Ethernet, UDP, and TCP/IP. These accepted standards now form the underlying foundations of the network we utilize today – both from the enterprise perspective in the workplace and the individual using the internet. Ethernet is the physical medium (a network card, for example), whilst TCP and UDP are the transport protocols, or the common language mutually understood by thousands of vendors.

    Adopted standards

    These early standards became the groundwork that the internet we know today was built on. Formerly known as ARPANET, and originally developed as a university network, it’s popularity and usage grew exponentially to form the world’s largest collection of interconnected devices, and led to it being nicknamed The Information Superhighway. The birth of the internet became the seed that established the genesis of communication we all now take for granted on a daily basis.

    Today’s industry standards dictate how network equipment should be connected together, and with even the most basic knowledge, anyone can connect themselves to the internet in a matter of minutes. This ease of configuration and deployment means businesses and individuals can be online within a short time frame – albeit using an “out of the box” design, and with little (if any) consideration for security or risk.

    Security implication

    The security implications of any network are a constantly moving target. New vulnerabilities are discovered in vendor equipment on a daily basis, and with some of these vulnerabilities being resident since day one (but either undiscovered or undisclosed) , planning for every possible scenario isn’t feasible – particularly if you have limited resources. When designing a network, it’s important to implement a means of limiting the attack vector. Whilst this sounds very complex, to a seasoned network architect, it isn’t. Essentially, what you should be doing is creating a jail based environment for each network segment.

    Think outside of the box at this point – the general application of inside, outside, DMZ etc no longer provide sufficient scope if an attacker has made it onto your internal network. For example, take two departments, such as accounting and operations. How likely is it that these two entities need to share information or communicate directly at a PC level ? With this in mind, an accepted standard is for each department to reside in it’s own VLAN. Using industry defined ACLS, each department cannot communicate directly with another. They do, however, have access to the server VLAN - although this should also follow a similar security regime of only permitting access to essential services - in other words, adopt the least privilege model.

    Whilst this sounds obvious, most network designs do not factor in this basic requirement. By “segmenting” each department, you establish a boundary between each of them. This means that if malware were to be installed on a PC in accounting, it would not be able to infect a machine in operations, or HR. Containerized network designs are secure, but not perfect. In the event of a PC being infected with malware, the VLAN it resides in still has access to the servers and other associated infrastructure that the client needs in order to perform it’s desired function. In this case, you would also need to only permit access to critical or essential services. The upside of such an approach is that the implemented network security means that a malware or ransomware attack is limited to infecting a small number of machines rather than the whole network. The downside is that there is an initial overhead in terms of discovery, implementation, and testing. In my view, however, the dividends outweigh the effort.

    Balancing security against functionality

    Securing the server VLAN can be problematic. Establishing a balance between over gratuitous and insufficient connectivity is the ultimate headache. At this point, you need to consider what resides in this network segment. In essence, it’s the business equivalent of the crown jewels - the critical components of your entire estate. This “no fly zone” contains a wealth of information that is of interest and value to a cyber criminal. Assets such as intellectual property, financial data, and personally identifiable information are all a potential target in the event of a data breach.

    If you consider the role that servers have, you’ll probably find that most of them really should not have (or even need) raw access to the internet. There are always some exceptions to this rule, but one of the first target areas to consider is the level of access to the outside world granted to a server. Even a server using NAT to communicate with an external host is at risk of compromise. From the network perspective, establishing a remote connection is just the start of a series of conversations and negotiations between the two endpoints. The main differences between TCP and UDP is that one waits for a response to a connection, whereas the other does not. UDP is a fire and forget protocol, making it ideal for DNS, SNMP, SYSLOG, and a wealth of other applications. TCP on the other hand will wait for a response from the remote host before continuing with the session. A lack of access in or out of a VLAN is not an attractive prospect for even a determined hacker.

    Using various techniques, a cyber criminal can intercept the TCP headers to inject malicious content or payload, or masquerade as the remote host by means of a TCP redirect. This means that the network you are connected to may not be what you expected or desired. Packet sniffing is very easy once you have an understanding of how products such as WireShark function (an exploit known as eavesdropping). In order to significantly reduce the possibility of attack, only servers that have an essential requirement for an Internet connection in order to fulfill their designated function should be permitted access – even then, it should be only to the ports and IP addresses required, and nothing else. It goes without saying that industry standards should be adopted and adhered to – requests should be via a firewall with IDS and IPS capabilities. These devices have the ability to look at a network steam and determine if it has been tampered with. If the hashes do not match, or there are signs of modification not requested by either party, the session is destroyed (if using IPS) and an alert raised. This functionality can be dramatically altered by misconfiguration, so check thoroughly.

    Vulnerabilities generated by older firmware

    Devices running inferior versions of firmware are subject to compromise and potential exploit – particularly if they are edge based routers that are accessible from the outside world. Older versions of firmware on exposed routers can pose a significant risk to your perimeter and internal networks if vulnerabilities are not located and resolved quickly. A vulnerable router on a network can easily become an infiltration and extraction point, and you could find yourself the unwilling target of a data breach.

    On the whole, adequate network design not only takes redundancy, scalability, and availability into account, but also security and stability. A classic example of failure to address the latter is the difference between your network standing up to a DDoS attack, or still being functional with only one VLAN or segment impacted. The days where we only made provisions for disaster recovery and business continuity are over. Security needs sound investment and knowledge in order to understand principles and apply standards correctly.

    Takeaway

    I’m not into preaching to others about how they should be doing things from the networking perspective, but my basic advice would be

    Carefully plan any new network implementation in advance. Visio and whiteboard sessions are important when thrashing out ideas, as an overall picture of the landscape is generally easier to digest than just text. Involve peer groups and key individuals from the outset. Everyone has their own unique insight as to how things should be structured, and just because it works for security, or the model you are developing, it may not necessarily work for the business as a whole Be prepared to make changes to the design, and by definition, listen to business advice. Nobody creates the holy grail of network concepts and implementation on their first attempt Unless you are blessed with a green field site, make a point of understanding the existing infrastructure and architecture, and design a mechanism for coexistence between the two environments. Be mindful of the potential for conflicting standards when dealing with different vendor equipment, and also consider that security could be negated in the existing environment whilst the integration process is underway.

    These are just a few of the points – there are many others. Want to know more, or have questions ? Just ask 🙂

  • Linux vs Windows - who wins ?

    1
    1 Votes
    1 Posts
    132 Views

    During an unrelated discussion today, I was asked why I preferred Linux over Windows. The most obvious responses are that Linux does not have any licensing costs (perhaps not the case entirely with RHEL) and is capable of running on hardware much older than Windows10 will readily accept (or run on without acting like a snail). The other seeking point for Linux is that it’s the backbone of most web servers these days running either Apache or NGINX.

    The remainder of the discussion centered around the points below;

    Linux is pretty secure out of the box (based on the fact that most distros update as part of the install process), whilst Windows, well, isn’t. Admittedly, there’s an argument for both sides of the fence here - the most common being that Windows is more of a target because of its popularity and market presence - in other words, malware, ransomware, and “whatever-other-nasty-ware” (you fill in the blanks) are typically designed for the Windows platform in order to increase the success and hit rate of any potential campaign to it’s full potential.

    Windows is also a monolithic kernel, meaning it’s installed in it’s entirety regardless of the hardware it sits on. What makes Linux unique is that each module is compiled based on the hardware in the system, so no “bloat” - you are also free to modify the system directly if you don’t like the layout or material design that the developer provided.

    Linux is far superior in the security space. Windows only acquired “run as” in Windows XP, and a “reasonable” UAC environment (the reference to “reasonable” is loose, as it relates to Windows Vista). However, Microsoft were very slow to the gate with this - it’s something that Unix has had for years.

    Possibly the most glaring security hole in Windows systems (in terms of NTFS) is that it can be easily read by the EXT file system in Linux (but not the other way round). And let’s not forget the fact that it’s a simple exercise to break the SAM database on a Windows install with Linux, and reset the local admin account.

    Linux enjoys an open source community where issues reported are often picked up extremely quickly by developers all over the world, resolved, and an update issued to multiple repositories to remediate the issue.

    Windows cannot be run from a DVD or thumb drive. Want to use it ? You’ll have to install it

    Linux isn’t perfect by any stretch of the imagination, but I for one absolutely refuse to buy into the Microsoft ecosystem on a personal level - particularly using an operating system that by default doesn’t respect privacy. And no prizes for guessing what my take on Apple is - it’s essentially BSD in an expensive suit.

    However, since COVID, I am in fact using Windows 11 at home, but that’s only for the integration. If I had the choice, I would be using Linux. There are a number of applications which I’d consider core that just do not work properly under Linux, and that’s the only real reason as to why I made the decision (somewhat resentfully) to move back to Windows on the home front.

    Here’s a thought to leave you with. How many penetration testers do you know that use Windows for vulnerability assessments ?

    This isn’t meant to be an “operating system war”. It’s a debate

  • 5 Votes
    5 Posts
    377 Views

    @qwinter very well put. Great points and I can certainly align with these. I personally don’t see no university as a barrier to progression. My old boss said that he’d take preference with anyone who had a degree because of their “ability to think logically” (I kid you not). I said “well, you hired me and I don’t have a degree…”.

    He paused for a moment realising that he’d literally dug himself a hole and fell in it. He then said “ah yes, but you’re an exception”.

    “Exception” or not - it’s still a bigoted reasoning mechanism, and elitist to put it mildly. Class distinction springs to mind here.

  • 5 Votes
    4 Posts
    333 Views

    @crazycells love this article. You’re absolutely right about people using colors that are either completely at odds with the scheme on their own site, or have no real concept of theming itself or swatches.

    There’s nothing worse than garish colour on a web site. Nothing more than back button fodder.