I have to say, I’m having a hard time to get this song out of my mind today. So its my duty to infect everyone else with this earworm.

Google always pimps good videos. Here is one. In breathtaking 1080p, its awesome quality to watch.

What is it that makes us human? Is it that we love, that we fight ? That we laugh ? Cry ? Our curiosity ? The quest for discovery ? Driven by these questions, filmmaker and artist Yann Arthus-Bertrand spent three years collecting real-life stories from 2,000 women and men in 60 countries. Working with a dedicated team of translators, journalists and cameramen, Yann captures deeply personal and emotional accounts of topics that unite us all; struggles with poverty, war, homophobia, and the future of our planet mixed with moments of love and happiness.

A comrade has died.

I always feel sad when I read about these kinds of things. As yet, the unnamed female student pilot from RMIT Flight Training has crashed on her first solo cross country at Millbrook.

News coverage - ABC, 7 News.

Aviation is an unforgiving and dangerous industry. Never forget this.

Some of you may have noticed (but most probably haven’t) that this site is now native IPv6 enabled.

Interestingly, I can see some traffic already going to the IPv6 address.

If you have any issues, let me know as I’m still getting my head around it all.

It’s been a while since my last post - and this one is a doozey.

So Bind is one of the most popular DNS servers on the planet. Just about everyone runs it. So when news breaks that a specially crafted request can cause the named process to exit, then a problem is presented.

Enter CVE-2015-5477

The official report says:

named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via TKEY queries.

This doesn’t really convey the severity of the issue. Thankfully, the ISC elaborate more. In it, they say:

The practical effect of this is that this bug is difficult to defend against (except by patching, which is completely effective) and will not be particularly difficult to reverse-engineer. I have already been told by one expert that they have successfully reverse-engineered an attack kit from what has been divulged and from analyzing the code changes, and while I have complete confidence that the individual who told me this is not intending to use his kit in a malicious manner, there are others who will do so who may not be far behind. Please take steps to patch or download a secure version immediately.   This bug is designated “Critical” and it deserves that designation.

Essentially, “You’re screwed. Upgrade now”.

If you’re a system admin, and you’re reading this, check your bind version now, make a coffee, then dig in for the long haul.