The more things change, the more they stay the same.

Message boards : Technical News : The more things change, the more they stay the same.
Message board moderation

To post messages, you must log in.

Previous · 1 · 2 · 3 · 4 · 5 · 6 · 7 · 8 . . . 10 · Next

AuthorMessage
Profile Gary Charpentier Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Volunteer tester
Avatar

Send message
Joined: 25 Dec 00
Posts: 30608
Credit: 53,134,872
RAC: 32
United States
Message 974850 - Posted: 28 Feb 2010, 20:55:53 UTC - in response to Message 974826.  

But *nix doesn't get hacked! Surely it must have been a Windows machine that caused all the problems...

Well if helps if the password isn't password!

ID: 974850 · Report as offensive
OzzFan Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Volunteer tester
Avatar

Send message
Joined: 9 Apr 02
Posts: 15691
Credit: 84,761,841
RAC: 28
United States
Message 974856 - Posted: 28 Feb 2010, 21:17:05 UTC - in response to Message 974850.  

But *nix doesn't get hacked! Surely it must have been a Windows machine that caused all the problems...

Well if helps if the password isn't password!


Damn! Now I have to change all my passwords.
ID: 974856 · Report as offensive
Profile Jord
Volunteer tester
Avatar

Send message
Joined: 9 Jun 99
Posts: 15184
Credit: 4,362,181
RAC: 3
Netherlands
Message 974866 - Posted: 28 Feb 2010, 21:46:14 UTC - in response to Message 974856.  

But *nix doesn't get hacked! Surely it must have been a Windows machine that caused all the problems...

Well if helps if the password isn't password!


Damn! Now I have to change all my passwords.

Set it to Admin? :-)
ID: 974866 · Report as offensive
Profile RottenMutt
Avatar

Send message
Joined: 15 Mar 01
Posts: 1011
Credit: 230,314,058
RAC: 0
United States
Message 974867 - Posted: 28 Feb 2010, 21:47:41 UTC

what's up the cricket graphs are pulsing???
ID: 974867 · Report as offensive
Profile Gary Charpentier Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Volunteer tester
Avatar

Send message
Joined: 25 Dec 00
Posts: 30608
Credit: 53,134,872
RAC: 32
United States
Message 974890 - Posted: 28 Feb 2010, 23:26:43 UTC - in response to Message 974866.  

But *nix doesn't get hacked! Surely it must have been a Windows machine that caused all the problems...

Well if helps if the password isn't password!


Damn! Now I have to change all my passwords.

Set it to Admin? :-)

While you are at it, tell the world with a blog post the exact version and service pack of the O/S you are running so they can look up a known exploit.


ID: 974890 · Report as offensive
Eric Korpela Project Donor
Volunteer moderator
Project administrator
Project developer
Project scientist
Avatar

Send message
Joined: 3 Apr 99
Posts: 1382
Credit: 54,506,847
RAC: 60
United States
Message 975044 - Posted: 1 Mar 2010, 16:09:15 UTC - in response to Message 974826.  

But *nix doesn't get hacked! Surely it must have been a Windows machine that caused all the problems...


There were two problems, neither unix specific. One was a developer. He wrote two scripts that didn't properly sanitize their parameters. The other was a configuration problem that allowed php to be run in any directory that the web server could see.
@SETIEric@qoto.org (Mastodon)

ID: 975044 · Report as offensive
Profile FrostKing9
Avatar

Send message
Joined: 20 Oct 01
Posts: 39
Credit: 23,815,960
RAC: 0
United States
Message 975057 - Posted: 1 Mar 2010, 16:41:06 UTC

I just discovered another small problem.

On the YOUR ACCOUNT page... next to CERTIFICATE... when I click on ACCOUNT, TEAM or CROSS-PROJECT I no longer get an options page. It immediately brings up the actual certificate.

Yep, it's a small problem... but one that Eric or Matt may want to look into.




I DONATE money to SETI@home.... DO YOU?

I'm just slowly BOINC'ing along.

Hey... ET... you have a sister who likes earthlings?
ID: 975057 · Report as offensive
OzzFan Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Volunteer tester
Avatar

Send message
Joined: 9 Apr 02
Posts: 15691
Credit: 84,761,841
RAC: 28
United States
Message 975062 - Posted: 1 Mar 2010, 17:06:50 UTC - in response to Message 975044.  

But *nix doesn't get hacked! Surely it must have been a Windows machine that caused all the problems...


There were two problems, neither unix specific.


Somehow I was expecting something like this to be said.
ID: 975062 · Report as offensive
Profile tullio
Volunteer tester

Send message
Joined: 9 Apr 04
Posts: 8797
Credit: 2,930,782
RAC: 1
Italy
Message 975070 - Posted: 1 Mar 2010, 17:33:39 UTC - in response to Message 974847.  

But *nix doesn't get hacked! Surely it must have been a Windows machine that caused all the problems...


Good one there OzzFan :)

UNIX *is* a hack. It evolved from a quick-and-dirty lab experiment that got loose, and security was never designed into it from the ground up. The same holds for the more popular UNIX staples like NFS: hack upon hack and no security to speak of under the hood. Compared to other OSes Unices are comparatively easy to compromise if one has access to a system login or if one can remotely convince a daemon to spawn a shell. UNIX is not the best OS out there, it is merely one of the less horrible ones.

Flamesuit : I'm UNIX admin by trade.

AFAIK Unix evolved from the Multics project which was intended to be a secure OS but never met its design goals. Then two guys from Bell Labs took the basic Multics ideas and developed a small and working OS by the principle "keep it small keep it simple".The rest is history. Now about 90% of the top500 list run Linux (a UNIX clone) and other UNIX variants. Not bad for a "quick and dirty lab experiment".
Tullio

ID: 975070 · Report as offensive
Profile Gary Charpentier Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Volunteer tester
Avatar

Send message
Joined: 25 Dec 00
Posts: 30608
Credit: 53,134,872
RAC: 32
United States
Message 975148 - Posted: 1 Mar 2010, 21:54:16 UTC - in response to Message 975044.  

But *nix doesn't get hacked! Surely it must have been a Windows machine that caused all the problems...


There were two problems, neither unix specific. One was a developer. He wrote two scripts that didn't properly sanitize their parameters. The other was a configuration problem that allowed php to be run in any directory that the web server could see.

Ah, typical Apache problems.

So before any script gets deployed in the future, /dev/random gets piped to it? :)

ID: 975148 · Report as offensive
Eric Korpela Project Donor
Volunteer moderator
Project administrator
Project developer
Project scientist
Avatar

Send message
Joined: 3 Apr 99
Posts: 1382
Credit: 54,506,847
RAC: 60
United States
Message 975154 - Posted: 1 Mar 2010, 22:09:42 UTC - in response to Message 975148.  

More like: If anyone wants to deploy a script for personal use, they have to swallow /dev/random and then survive being thrown in /dev/null. Regardless of whether they survive or not, the answer is still "No!"
@SETIEric@qoto.org (Mastodon)

ID: 975154 · Report as offensive
OzzFan Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Volunteer tester
Avatar

Send message
Joined: 9 Apr 02
Posts: 15691
Credit: 84,761,841
RAC: 28
United States
Message 975184 - Posted: 2 Mar 2010, 0:53:11 UTC - in response to Message 975154.  

Is there really any way to survive /dev/null?
ID: 975184 · Report as offensive
Profile Gary Charpentier Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Volunteer tester
Avatar

Send message
Joined: 25 Dec 00
Posts: 30608
Credit: 53,134,872
RAC: 32
United States
Message 975187 - Posted: 2 Mar 2010, 1:42:21 UTC - in response to Message 975154.  

Personal? ! !!!

I've got a yard arm you can borrow if you need to string someone up.

ID: 975187 · Report as offensive
Profile Gary Charpentier Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Volunteer tester
Avatar

Send message
Joined: 25 Dec 00
Posts: 30608
Credit: 53,134,872
RAC: 32
United States
Message 975189 - Posted: 2 Mar 2010, 1:43:49 UTC - in response to Message 975184.  

Is there really any way to survive /dev/null?

No one has come back after crossing the river Styx so we don't know.

ID: 975189 · Report as offensive
John McLeod VII
Volunteer developer
Volunteer tester
Avatar

Send message
Joined: 15 Jul 99
Posts: 24806
Credit: 790,712
RAC: 0
United States
Message 975232 - Posted: 2 Mar 2010, 3:51:01 UTC - in response to Message 975189.  

Is there really any way to survive /dev/null?

No one has come back after crossing the river Styx so we don't know.

And here I thought /dev/nul was a black hole.


BOINC WIKI
ID: 975232 · Report as offensive
Profile KWSN THE Holy Hand Grenade!
Volunteer tester
Avatar

Send message
Joined: 20 Dec 05
Posts: 3187
Credit: 57,163,290
RAC: 0
United States
Message 975331 - Posted: 2 Mar 2010, 16:42:07 UTC

I hate to throw another wrench into things, but there appears to be something wrong with the stats export for S@H: non of the stats websites have any record of the almost 7k of credits I've been awarded over the past three days...
.

Hello, from Albany, CA!...
ID: 975331 · Report as offensive
Profile arkayn
Volunteer tester
Avatar

Send message
Joined: 14 May 99
Posts: 4438
Credit: 55,006,323
RAC: 0
United States
Message 975345 - Posted: 2 Mar 2010, 17:22:08 UTC - in response to Message 975331.  

ID: 975345 · Report as offensive
Profile FrostKing9
Avatar

Send message
Joined: 20 Oct 01
Posts: 39
Credit: 23,815,960
RAC: 0
United States
Message 975501 - Posted: 3 Mar 2010, 16:30:00 UTC
Last modified: 3 Mar 2010, 16:37:03 UTC

KNOCK, KNOCK, KNOCK.... on wood. It's running very good.... thus far.

But the really minor problem I mentioned ^^ there, in Message 975057 is still present.


I DONATE money to SETI@home.... DO YOU?

I'm just slowly BOINC'ing along.

Hey... ET... you have a sister who likes earthlings?
ID: 975501 · Report as offensive
Profile Sutaru Tsureku
Volunteer tester

Send message
Joined: 6 Apr 07
Posts: 7105
Credit: 147,663,825
RAC: 5
Germany
Message 975571 - Posted: 3 Mar 2010, 21:01:15 UTC

ID: 975571 · Report as offensive
parl

Send message
Joined: 22 May 04
Posts: 95
Credit: 4,476,976
RAC: 0
United States
Message 975617 - Posted: 4 Mar 2010, 2:00:02 UTC

If this is not the appropriate thread, I'd like to know which one is. I've looked around and don't see anything.

I'm not getting new tasks. I had set up my preferences to maintain enough work for 2 days (perhaps overly optimistic?). For a brief shining moment, I had a bunch of tasks but those days are gone, my friend; we thought they'd never end. . . .

Some others suggested having a front-page announcement of the degree of up or down status, but I expect that that would not be good PR. Still, a thread here in Technical News or perhaps over in Number Crunching would allow folks to check if they could expect work units any time soon.

Yes, fixing is more to the point than reporting and after a long problem time there'll be an even longer busy time, but perhaps a message at the beginning of an actual outage and another at the end (barring busy time when the world is hitting for more WU) would suffice.

Ross
ID: 975617 · Report as offensive
Previous · 1 · 2 · 3 · 4 · 5 · 6 · 7 · 8 . . . 10 · Next

Message boards : Technical News : The more things change, the more they stay the same.


 
©2024 University of California
 
SETI@home and Astropulse are funded by grants from the National Science Foundation, NASA, and donations from SETI@home volunteers. AstroPulse is funded in part by the NSF through grant AST-0307956.