Sep 122015

Google always pimps good videos. Here is one. In breathtaking 1080p, its awesome quality to watch.

What is it that makes us human? Is it that we love, that we fight ? That we laugh ? Cry ? Our curiosity ? The quest for discovery ?
Driven by these questions, filmmaker and artist Yann Arthus-Bertrand spent three years collecting real-life stories from 2,000 women and men in 60 countries. Working with a dedicated team of translators, journalists and cameramen, Yann captures deeply personal and emotional accounts of topics that unite us all; struggles with poverty, war, homophobia, and the future of our planet mixed with moments of love and happiness.

Aug 022015

It’s been a while since my last post – and this one is a doozey.

So Bind is one of the most popular DNS servers on the planet. Just about everyone runs it. So when news breaks that a specially crafted request can cause the named process to exit, then a problem is presented.

Enter CVE-2015-5477.

The official report says:

named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via TKEY queries.

This doesn’t really convey the severity of the issue. Thankfully, the ISC elaborate more. In it, they say:

The practical effect of this is that this bug is difficult to defend against (except by patching, which is completely effective) and will not be particularly difficult to reverse-engineer. I have already been told by one expert that they have successfully reverse-engineered an attack kit from what has been divulged and from analyzing the code changes, and while I have complete confidence that the individual who told me this is not intending to use his kit in a malicious manner, there are others who will do so who may not be far behind. Please take steps to patch or download a secure version immediately.
This bug is designated “Critical” and it deserves that designation.

Essentially, “You’re screwed. Upgrade now”.

If you’re a system admin, and you’re reading this, check your bind version now, make a coffee, then dig in for the long haul.

Jul 072015

I stumbled across this text – which does come from an anonymous source, but seems to be credible enough to have at least somewhat valid information. I removed Google Adsense from my site months ago – simply because I had a feeling that something going on – when I compared Google’s information against my own statistics, they were miles apart.

Interestingly enough though, there is quite a bit of information that states it might be a fake. This may well be the case, but the interesting part is this: If this is true, how would someone know? Further, what actual action can a publisher take on a company in another country?

As always with information on the internet, take it with a grain of salt – because at the end of the day, it may just be a nice story…

Anyhow here’s the full text – completely unedited:
Continue reading »