New GNU Screen – 4.2.1 – first in 6 years.

Filed in LinuxTags: , ,

For all you console junkies (the command console, not that WeePlayBOne thing), Amadeusz Sławiński and friends have released the first new update to GNU Screen in six years.  I’ve pulled the source and compiled it (under CentOS 6.5, GCC 4.4.7, Kernel 2.6.32, bash 4.1.2).

You can find the new source here: GNU Screen 4.2.1

I’ll be putting the new options and features through their paces over the next few days as I go about my day to day Ops duties.  I use screen much more now than in the past, so this should be an adventure.

I’m interested in hearing other’s take on the new features.  Drop them in the comments below.

Scott

 

 

And the hits keep on rolling.. AOL hacked; passwords taken.

Filed in SecurityTags: , ,

And the Internet Security Trifecta is complete.   AOL announced on their blog today that they have “determined that there was unauthorized access to information regarding a significant number of user accounts“.  The information access includes “users’ email addresses, postal addresses, address book contact information, encrypted passwords and encrypted answers to security questions.

So head on out to AOL and change your passwords and sec questions.   Might want to change any passwords for any sites you use AOL email as the security contact for as well.

 

And… Another one. This time in Flash.

Filed in Linux, Microsoft, OS-X, SecurityTags: , , , , ,

Look.  Another security exploit.  This time in that bastion of ultimate security.. er.. hang on.. what’s this?  It’s in Flash?  This is news?  Oh, a *NEW* one in Flash.  Got it.

Ok.  Where were we?  Looks like another security vuln in the wild.  This one’s in Flash and effects all three major OSes.  Yep, that’s right you penguins..  Linux is included in this one.  So get your YUM and APT repos spun up and update those boxen.

Krebs has the details here: Adobe Update Nixes Flash Player Zero Day

So there you have it.  Two major web exploitable vulns in two days.  Waiting for the other two shoes to drop; Java and Acrobat.

PS: Is it strange that I’m using a terminal window to cut/paste text from websites to strip it of hidden formatting?  Yes?  It is?  Good.

Code execution flaw in ALL versions of IE since 6.

Filed in Microsoft, SecurityTags: , , , ,

April has been the month of monumental holes in security on the net.  First there was Heartbleed (and as always, XKCD has a great explanation of what the Heartbleed vulnerability is: http://xkcd.com/1353/)

Not to be outdone by a mere open source project, Microsoft has announced a new 0-day vulnerability in all versions of IE since IE 6.  How you can call something “0-day” when it’s been there 12 or 13 years I’m still kind of fuzzy on.

As I understand the bug, it allows an attacker to use a specifically crafted html page execute arbitrary code on the user’ machine under the credentials IE was assigned at launch.   If you’re running as an administrator (who does that in Windows??), you’re pretty much wide open.

Microsoft released a tech bulletin about the flaw over the weekend that goes into a bit of depth about the flaw and lists what versions of IE are vulnerable.  Basically all of them.  If you’re running Server 2008 R2 or later, you *should* be ok if you’re still running IE under limited credentials.

The bulletin is here: Microsoft Security Advisory 2963983

Microsoft hasn’t released a patch yet, but I suspect we’ll see something in a day or so as an out-of-band release.  I can’t imagine even Microsoft waiting around for this one.

 

A short rant about Amazon’s EC2.

Filed in Amazon EC2, CloudTags: , , ,

Intellectually I understand why, but “Why can’t I change the Security Group of an instance after I built it?”  WHY??????????????

It sucks working a couple of hours to troubleshoot a group of servers only to find that you picked the wrong sec group for them.  Kill em and start over is the only answer I can find.

If some of you big brains out there have a solution, drop me a hint in the comments.

 

About those Hugos.

Filed in Hugos, SF&F, UncategorizedTags: , , , ,

There has been quite kerfuffle going on all over the blogs and facebooks and twitters about this year’s Hugo Award nominations.   Rather than confine myself to short quips or not so short screeds buried in a dozen blogs or facebook threads, I’ll just leave my thoughts here.

Some links about the Hugo Kerfuffle.  From there you can dive as deep into this issue as you want.  Ultimately, it all started with a flare up over some presenter for the awards being not politically correct enough for a certain vocal minority of SF&F readers.

Ok, enough.  Links:

I’m sure there are other links out there.  Go google them for yourself.

Now my take on all of this:

Something that bears remembering is how the Hugo nominations work.    Anyone (and I do mean *anyone*) with $40 or $50 can purchase an associate level membership to WorldCon and nominate their choice for the Hugos.  That’s it.  It’s a popularity contest, decided by *the READERS and FANS* of the SF&F genre.

How did Vox Day and Larry Correia and other such “controversial” authors make it onto the ballot this year?   Fans.  Their fans voted them there.   That’s it.

Now, as to whether the Hugo administrators should *let* someone with controversial views onto a ballot, I am firmly in the camp of “if the votes are there, they’re on the list”.

Where has SF&F genre fiction gone when something as trivial as contrary political or social views of an author, or even a book, leads to such an outcry of “burn him!” within the fandom communities?

SF&F is about pushing boundaries, testing ideas, playing with mores and social constructs, expanding horizons.   It is also, and much more importantly, about entertainment.

Each of us, as a purchaser and reader, must make a value judgement when we set out to exchange our energy for the energy of the author.   Energy in the form of our money and his effort to put a story down on paper.   We have to ask ourselves if the return we get from this book, be it entertainment, education, etc..  is of more value to us than the energy (ie.. money, time to drive to library, etc..) we must expend to acquire it.

If not, then don’t.  The reason, outside your own decision, is irrelevant.  It simply does not and can not matter to another human why you made that choice.

The people screaming from the top of the blogosphere with all their voice and pageviews about these two and a few select other authors have done just the opposite of what they want to happen.  They’ve given them a platform and a notoriety they otherwise would have had to expend significant amounts of their own energy to attain.

Calls for boycotts, ‘approved’ and ‘disapproved’ lists for awards or conventions or panels, reeks of McCarthyism.  “He doesn’t toe the line on XYZ! Burn him!”.

I had hoped that in 2014, we were beyond that.  I had hoped that, finally, in an era of communications technologies undreamed of by the greats of SF&F just two generations ago, we had gone beyond the nanny-ism I’m seeing.   “He offended me!  Make him stop!”

So I say to you, read what you want to read.  Recommend what you want to recommend.  Complain about what you want to complain about.  I’ll defend you to any power you name.  But gods help you if you deny my right to do the same.

 

Categories
Click to view/hide
Calendar
Click to view/hide
April 2014
M T W T F S S
« Jan   May »
 123456
78910111213
14151617181920
21222324252627
282930