Domain: ucc.asn.au
Stories and comments across the archive that link to ucc.asn.au.
Comments · 20
-
Grammatical ambiguity [Re:Dropbear]
Could I gently point out that Dropbear is not, per se, a "trojaned ssh server". It is just a small opensource sshd implementation that is used for embedded applications, including things such as OpenWrt routers.
The sentence from the article was "Another recent addition to the group's arsenal is a backdoored version of a SSH server called Dropbear."
This is ambigous. It could be read either as "(a backdoored version of a SSH server) (called Dropbear)" or "(a backdoored version of) (a SSH server called Dropbear)".
That is, it's not clear whether the SSH server is called Dropbear, and it has been backdoored, or whether it is the backdoored version that is called Dropbear.
-
Dropbear
-
Dropbear
You could save yourself a lot of time and effort and consider using Dropbear.
-
SSH and HTTPS support?
This looks interesting but I can't find any information on whether it can run an SSH server or HTTPS on their site or through google. Does anyone know if it would be possible to port something Dropbear SSH to NuttX (assuming the CPU can handle it)?
They claim they have a POSIX-like system, which Dropbear needs so it should be possible, but has anyone done it yet? -
Re:Always more to the legends and stories...
I'm still a big fan of OpenSSL but yeah, it's prety good.
-
And Chrome is *ten* times more responsive.I found Crome to be about ten times as responsive as Firefox in the BrowserResponsivenessBenchmark: http://www.ucc.asn.au/~mccabedj/BrowserResponsivenessBenchmark.html
Their efforts in removing "Jank" from the UI thread seem to have paid off.
-
Re:TyanI have the same pattern http://trs80.ucc.asn.au/W5A00031.JPG http://trs80.ucc.asn.au/W5A00033.JPG from when I forgot to plug a molex into my 6600GT, so it was sucking all its power directly via the motherboard. Looking at your connector, it's a 20pin connector too, so I'd say you and I simply hit the physical current limit of the 20pin ATX connector. Server motherboards have been using 24pin connectors for years now, the S2460 must predate them or it's a design flaw that it didn't use one. Either way, these days server mobos (including Tyan's) generally come with an 8pin socket as well as a 24pin ATX so I doubt you'll see the same problem again.
FWIW I got a hardware friend to solder a new plug onto my PSU and socket onto the motherboard, and it worked fine after that, and I always remembered to check my video card had its direct power supply plugged in. What sort of power load did your motherboard have? Lots of PCI cards, a power-hungy AGP card?
-
Re:TyanI have the same pattern http://trs80.ucc.asn.au/W5A00031.JPG http://trs80.ucc.asn.au/W5A00033.JPG from when I forgot to plug a molex into my 6600GT, so it was sucking all its power directly via the motherboard. Looking at your connector, it's a 20pin connector too, so I'd say you and I simply hit the physical current limit of the 20pin ATX connector. Server motherboards have been using 24pin connectors for years now, the S2460 must predate them or it's a design flaw that it didn't use one. Either way, these days server mobos (including Tyan's) generally come with an 8pin socket as well as a 24pin ATX so I doubt you'll see the same problem again.
FWIW I got a hardware friend to solder a new plug onto my PSU and socket onto the motherboard, and it worked fine after that, and I always remembered to check my video card had its direct power supply plugged in. What sort of power load did your motherboard have? Lots of PCI cards, a power-hungy AGP card?
-
Re:I love reporters
FireWire hardware can be set up to allow or disallow DMA requests depending on the device on the other end of the wire. Most OSes now only allow it if the device on the other end looks like a hard drive for security reasons. You can lock them down further if you want:
http://matt.ucc.asn.au/apple/
http://rentzsch.com/macosx/securingFirewireLinux also has security features in recent versions of its kernel to protect against arbitrary DMA attacks. (Search for firewire-ohci.) Windows does the same thing. With the right tweaks, disabling FireWire DMA is completely within the realm of possibility if you're that paranoid.
Unfortunately. once you have FireWire DMA access, there is no way to actually fake the data in RAM, but you could theoretically require the user to take some action to enable FireWire devices, and upon detecting an unexpected DMA-capable device on the bus, use the power management hardware to power down the PHY for a few seconds, causing a bus reset and a stall for just long enough for you to page everything out to disk and replace the entire contents of RAM with naked pictures of Janet Reno, then reenable the PHY just before you overwrite the page that the wiper code occupies.
:-DOf course, this is very nearly undeniable proof that you are guilty of something. Nobody would do anything REMOTELY that insane if they didn't have something really MAJOR to hide.
-
Re:Shhhh!
Don't you mean SSH rather than Shhh?
-
the Obligatory Shockwaves
These things are getting harder to find as time goes on...
http://www.personal.psu.edu/users/j/r/jrk132/tech. swf
http://www.ucc.asn.au/~japester/humour/foamy/tech2 .swf
http://foamytoons.mirrors.corruptedtruth.com/tech3 .swf -
Re:Huh?
As others have noted, you should have taken it to an Apple Store Genius Bar to check out why the sleep didn't last so long. The feature you want is called "Safe Sleep" in OS X. If you still have your PowerBook, and it is running OS X 10.4 or later, there are instructions on how to enable Safe Sleep. That link was on the first page of links that Google returns with the search "os x" hibernate, though it might not have been readily apparent three years ago. Nonetheless, you should have been able to determine through the Apple Support forums that you had a very atypical Sleep period.
If you are willing to give OS X another try with a MacBook Pro, there are instructions on how to make Safe Sleep a default action when closing the lid. As well as how to disable it if you want the reverse option.
-
Nothing new.. Well, maybe a bit..
Networked vending machines running linux are nothing new. The University of Western Australia Computer Club had this one way back in 1992 (and still does as far as I can tell):
http://www.ucc.asn.au/services/drink.ucc
The biometric thing is a new wheeze though! -
Re:what a whiner
If OpenSSH didn't exist, people would implement some other free ssh client or switch to a different standard.
Evidence that you're right.
Currently we use OpenSSH because it's the best free one. If it didn't exist the people working on it wouldn't all suddenly stop needing it, and if it had a different license some people who work on it would no longer be interested and others who aren't suddenly would be. It's currently a well-scratched itch, but the moment it isn't, it'll be scratched another way.
Fortune 500 companies rely on OpenSSH a lot more than they do OpenBSD; if nothing else, all the major Linux distros would collaborate on a fork of OpenSSH before they'd let it die. Or, more likely, jump-start lsh. -
Re:what a whiner
Furthermore, what makes Theo think that people want to run OpenSSH? At this point, it's as entrenched as Windows--nobody has a choice.
Actually, it isn't. You can also use LSH or Dropbear, and for SSH clients there are even more alternatives (PuTTY is available for Linux, for example).
This article almost makes me consider using one of them... -
Re:What does Ubuntu offer that Debian doesn't?
Well, more naked people for one.
-
Re:OpenVPN
I second OpenVPN was well.
We've used FreeS/WAN (now OpenVPN) since 2001, with nary an issue. We currently have 12 connections ranging from 144KBit to 3Mbit (all business quality!) all connected together. The VPN/firewall hardware at each site is a Pentium 120Mhz w/ 32MB or RAM, two network cards, and nothing but a floppy disk booting/running LEAF's Bering-uCLib. We have Win2K/XP VPN clients connecting to these "LEAF" systems as well. In theory, OpenVPN can support many hundreds of VPN tunnels - though the highest we've pushed it was around 30 (ie: permeant tunnels plus the Win32 clients) - with about 600 users between all the sites.
When we stress-tested this hardware/software combo, we were able to push just over 7Mbit/sec, and only added about 5ms latency to the link!
This combo has been rock solid - not a single connection failure can be blamed on the VPN software - it has been either the last mile, a NIC failure, or a bad floppy disk. Administration is via SSH (with a web-based admin console in development), and the firewall code is Shorewall. -
Re:Tried with Safari on OS X ...
http://matt.ucc.asn.au/diesafari.html is a stripped-down version of the output of mangle with seed 0x5cdb0b39 (on 10.3.5, the seeding is probably different on other OSes). It certainly kills Safari here...
-
Sony branded PS1 LCD hack
You can do this hack http://starfox.ucc.asn.au/carcomp/serio_lcd.htm there's also a couple of links in that page for other brands of PS1 LCDs.
-
Yet another SSH server
There's always Dropbear, which seems fairly small and useful, and does SSH2.
Mmmmm. monoculturelicious.