Readit News
notzorbo3 commented on Cloudflare's new DNS attracting 'gigabits per second' of rubbish   zdnet.com/article/1-1-1-1... · Posted by u/sohkamyung
threeseed · 7 years ago
> Anyone who relies on SMS for any type of authentication should stop

Err. That's pretty much every implementation of 2FA around the world.

Why isn't this more well known?

notzorbo3 · 7 years ago
The beauty of it is cases like Google's. They have this bizarre 2FA security-theater Google Authenticator thing, but then nearly force everyone to have their phone number as a "backup device".

Guess what they send you when you forget your 2FA or password? Yep, an SMS. So out the door goes the whole point of 2FA. Your three factors (account name / email address + password + Google Authenticator) have now been reduced to one factor: your email address.

I can rent a mobile tower in Malaysia or some other Asian country, advertise your phone number as roaming there for about €10/h and start intercepting all your shit. Or just get your telco's inept service dept to forward your number somewhere else.

Lessons here:

1. Even the giants get it wrong.
2. There is no security anywhere in the tech world. Literally everything is broken. Your electronic car locks / starter system, your phone, your internet, everything is horribly horribly horribly broken beyond any imagining, even for hyper-tech savvy people.
3. Remove your phone number as a backup device from your Google account and never use it as a backup device ever again.

notzorbo3 commented on The Boys Are Not All Right   nytimes.com/2018/02/21/op... · Posted by u/tysone
Consultant32452 · 8 years ago
America doesn't actually have a greater tendency towards mass shootings. In fact, Norway has the most per capita deaths from mass shootings across the US and Europe. The US is 11th in the rankings for death rate and 12th in frequency.

https://crimeresearch.org/2015/06/comparing-death-rates-from...

notzorbo3 · 8 years ago
Those numbers are from 2009 through 2015. That's just cherry picking, because those years just happen to include Anders Breivik. I think it's well established that the US is the market leader in mass shootings.

Edit: Also, the president of Crime Prevention Research Center is John Lott, who's a known gun rights advocate. Your source does not seem to be very impartial.

notzorbo3 commented on The Boys Are Not All Right   nytimes.com/2018/02/21/op... · Posted by u/tysone
graeme · 8 years ago
The topical thesis of this article is extremely weak, considering:

1. Male underachievement and lack of identity is happening elsewhere. Certainly in Canada.
2. Mass shootings are not happening everywhere

I think there is a much simpler explanation for male mass shooters: men commit vastly more crime. America has a cultural tendency for mass shooting crime, so it shouldn't be surprising men dominate that crime like they do the rest.

Maybe fixing male identity would do it, but that's far from a given, and given international experience it doesn't seem to be the direct cause. (Men committed most crime even when they were confident in their identity)

The more likely cause is the legal structure around gun ownership in the United States.

notzorbo3 · 8 years ago
I agree with everything you said, however

> The more likely cause is the legal structure around gun ownership in the United States.

Gun ownership may be an enabler in mass shootings, but I don't believe it's the cause. Merely having a gun doesn't automatically make you a mass murderer. There are other underlying issues there. Not that that means the U.S. shouldn't do something about the legal structure around gun ownership. It's probably going to be much much harder to actually address the underlying cause.

notzorbo3 commented on The Fields Medal should return to its roots   nature.com/articles/d4158... · Posted by u/adenadel
Hasz · 8 years ago
If you accept the idea that a penchant for math is randomly distributed among all people, then the odds of 55/56 men winning by chance are very, very, very low.

notzorbo3 · 8 years ago
> If you accept the idea that a penchant for math is randomly distributed among all people

That would seem rather detached from reality.

notzorbo3 commented on How did Google Talk change from a dream to a nightmare?   tnhh.net/posts/google-tal... · Posted by u/calcifer
jhasse · 8 years ago
A smartphone isn't required, only a telephone number for authentication.

notzorbo3 · 8 years ago
> A smartphone isn't required

It is for WhatsApp. Not only for sign-up, but actually all communication on the web version goes through the app running on your phone. The web "session" times out constantly, so I'd have to re-pair it with my phone all the time. If I still decided to use WhatsApp.

notzorbo3 commented on The Kubernetes Effect   infoq.com/articles/kubern... · Posted by u/sdiepend
geggam · 8 years ago
My question is this. Why does the container world use NAT... (3 layers to get out of container to base host in k8s) ... and not use routing?

Is it just the container devs don't know routing?

notzorbo3 · 8 years ago
Because NATting encapsulates while routing doesn't? And encapsulation is the whole idea behind containers. Until everything is ready for IPv6 (lol, yeah right), NATting seems the only way to me.

notzorbo3 commented on GitHub giveth; Wikipedia taketh away   go-to-hellman.blogspot.co... · Posted by u/fern12
mosselman · 8 years ago
"...annoyance at the legalistic (and typically white male) Wikipedian."

How are skin color and gender relevant to the article or the point being made?

notzorbo3 · 8 years ago
Does the author have any evidence that it's typically white males?

Is the author implying that white males are to blame for draconic / legalistic Wikipedia?

Has the author proven that draconic Wikipedia editing is a bad thing?

Does the author show (in a mere three words) that they're both racist and sexist? (answer: yes).

I like how the author negates the entire point of their article just by casually mentioning their unproven, unfounded bias. This person's thoughts are not worth anybody's time.

notzorbo3 commented on Zerg: Boot a VM instance per request, all in under 250 ms   zerg.erlangonxen.org/... · Posted by u/tylerhou
rozap · 8 years ago
The point is to show boot times. If you are scaling up/down in response to load, this is a nice quality to have. Most folks have really spiky traffic patterns so this can save you a lot of money.

Obviously no one would ever run something like this 1 vm per request thing irl.

notzorbo3 · 8 years ago
> Obviously no one would ever run something like this 1 vm per request thing irl.

I can see plenty of use-cases for doing just that. Large uploads, time-consuming request/responses such as server-side data processing, RPC, as a backend behind a caching front-end so that it only has to respond to invalidated cache entries, etc.

I don't see many people using this to actually serve general website requests though. It'd probably be modified to serve multiple requests until nothing is left to do and then exit.

notzorbo3 commented on Personal observations on the reliability of the Shuttle – R.P. Feynman   ranum.com/security/comput... · Posted by u/indexerror
rabidrat · 8 years ago
Feynman argues for unit tests:

> For example, cracks have been found in the turbine blades of the high pressure oxygen turbopump. Are they caused by flaws in the material, the effect of the oxygen atmosphere on the properties of the material, the thermal stresses of startup or shutdown, the vibration and stresses of steady running, or mainly at some resonance at certain speeds, etc.? How long can we run from crack initiation to crack failure, and how does this depend on power level? Using the completed engine as a test bed to resolve such questions is extremely expensive. One does not wish to lose an entire engine in order to find out where and how failure occurs. Yet, an accurate knowledge of this information is essential to acquire a confidence in the engine reliability in use. Without detailed understanding, confidence can not be attained.

notzorbo3 · 8 years ago
> Feynman argues for unit tests

I'm not sure that would be my takeaway from that quote. In the analogy of Unit testing, the test would have found the cracks in the turbine blades. It seems to me that Feynman continuously argues for deep investigation into any problems encountered, rather than (seemingly) ignoring them or making up excuses for why they're not problems.

He regards independent code verifications and testing highly, it seems:

> The software is checked very carefully in a bottom-up fashion. First, each new line of code is checked, then sections of code or modules with special functions are verified. The scope is increased step by step until the new changes are incorporated into a complete system and checked. This complete output is considered the final product, newly released. But completely independently there is an independent verification group, that takes an adversary attitude to the software development group, and tests and verifies the software as if it were a customer of the delivered product. There is additional verification in using the new programs in simulators, etc. A discovery of an error during verification testing is considered very serious, and its origin studied very carefully to avoid such mistakes in the future.

I'd consider this quote a clear argument for unit testing though:

> There is additional verification in using the new programs in simulators, etc.

In the end, it seems to come down to the simple concept of: spending more time on verifying code results in better code. Whether it is through automated testing, code reviews, independent (and competent) user acceptance testing, etc.

notzorbo3 commented on How the US Pushed Sweden to Take Down the Pirate Bay   torrentfreak.com/how-the-... · Posted by u/pawal
zaarn · 8 years ago
These companies are the scum of the scum, tbh, I recall I once got a letter claiming I must pay about 6000€ for illegally downloading "Debian 5 Linux Netboot ISO" and "Ubuntu 12.04 x86 Full ISO" or something along those lines.

They sent some awfully scary letters for what amounts to legally obtaining an ISO file.

notzorbo3 · 8 years ago
I used to run an abandoned warez site when I was young. I received a lot of cease and desist letters from "lawyers". They usually failed to identify the infringing material, failed to show they had the right to act on the copywriter's behalf and a staggering amount of them confused trademark infringement with copyright infringement. Also, every last one I received via email. Yeah, right, like that's going to hold up. I ignored all of them and never got even so much as a follow-up.

In other words, such things are considered low-hanging fruit by these companies. Just throw it out there and see what sticks.

u/notzorbo3

Karma: 584 · Cake day: February 4, 2016